diff options
author | Dianne Hackborn <hackbod@google.com> | 2013-05-22 11:29:36 -0700 |
---|---|---|
committer | Dianne Hackborn <hackbod@google.com> | 2013-05-22 11:50:23 -0700 |
commit | 8274b6770219a469ab8a5254206d0d81bd5c96d3 (patch) | |
tree | d752710d21e4666c33e0a7e243390e0e18c2995e /src/com/android/settings/DeviceAdminAdd.java | |
parent | 0b2781ae537e6d3d27863080eea0a0a5fa6c83b8 (diff) | |
download | packages_apps_Settings-8274b6770219a469ab8a5254206d0d81bd5c96d3.zip packages_apps_Settings-8274b6770219a469ab8a5254206d0d81bd5c96d3.tar.gz packages_apps_Settings-8274b6770219a469ab8a5254206d0d81bd5c96d3.tar.bz2 |
Fix issue #9074296: Device Admins can activate in a way...
...that makes it impossible to deactive/uninstall them
Don't allow device admins to directly launch the add UI if
they are malformed.
Change-Id: I0d3140222d8015f680e1f199bddae2221ee0e726
Diffstat (limited to 'src/com/android/settings/DeviceAdminAdd.java')
-rw-r--r-- | src/com/android/settings/DeviceAdminAdd.java | 36 |
1 files changed, 34 insertions, 2 deletions
diff --git a/src/com/android/settings/DeviceAdminAdd.java b/src/com/android/settings/DeviceAdminAdd.java index b2145b0..27e7a54 100644 --- a/src/com/android/settings/DeviceAdminAdd.java +++ b/src/com/android/settings/DeviceAdminAdd.java @@ -50,6 +50,8 @@ import android.widget.TextView; import java.io.IOException; import java.util.ArrayList; +import java.util.HashSet; +import java.util.List; public class DeviceAdminAdd extends Activity { static final String TAG = "DeviceAdminAdd"; @@ -104,7 +106,7 @@ public class DeviceAdminAdd extends Activity { finish(); return; } - + ActivityInfo ai; try { ai = getPackageManager().getReceiverInfo(cn, PackageManager.GET_META_DATA); @@ -113,7 +115,37 @@ public class DeviceAdminAdd extends Activity { finish(); return; } - + + // Make sure the given component name is actually a valid device admin. + List<ResolveInfo> avail = getPackageManager().queryBroadcastReceivers( + new Intent(DeviceAdminReceiver.ACTION_DEVICE_ADMIN_ENABLED), + PackageManager.GET_DISABLED_UNTIL_USED_COMPONENTS); + int count = avail == null ? 0 : avail.size(); + boolean found = false; + for (int i=0; i<count; i++) { + ResolveInfo ri = avail.get(i); + if (ai.packageName.equals(ri.activityInfo.packageName) + && ai.name.equals(ri.activityInfo.name)) { + try { + // We didn't retrieve the meta data for all possible matches, so + // need to use the activity info of this specific one that was retrieved. + ri.activityInfo = ai; + DeviceAdminInfo dpi = new DeviceAdminInfo(this, ri); + found = true; + } catch (XmlPullParserException e) { + Log.w(TAG, "Bad " + ri.activityInfo, e); + } catch (IOException e) { + Log.w(TAG, "Bad " + ri.activityInfo, e); + } + break; + } + } + if (!found) { + Log.w(TAG, "Request to add invalid device admin: " + cn); + finish(); + return; + } + ResolveInfo ri = new ResolveInfo(); ri.activityInfo = ai; try { |