authorCarlos Valdivia <carlosvaldivia@google.com>2014-09-08 18:21:03 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>2014-09-08 18:21:03 +0000
commit690ce1b32546c899fcf07f9d6552b04bb6fb7b2e (patch)
tree1a1852551cb87a6d8fc5122be4e24f2e766bf77a /src/com/android/settings/accounts
parent1f389c1996d754142c52c947105af4ec2db84f5c (diff)
parentf5d3e74ecc2b973941d8adbe40c6b23094b5abb7 (diff)
Merge "SECURITY: Don't pass a usable Pending Intent to 3rd parties." into lmp-dev
Diffstat (limited to 'src/com/android/settings/accounts')
-rw-r--r--src/com/android/settings/accounts/AddAccountSettings.java19
1 files changed, 17 insertions, 2 deletions
diff --git a/src/com/android/settings/accounts/AddAccountSettings.java b/src/com/android/settings/accounts/AddAccountSettings.java
index 4e97c05..3af28b2 100644
--- a/src/com/android/settings/accounts/AddAccountSettings.java
+++ b/src/com/android/settings/accounts/AddAccountSettings.java
@@ -22,8 +22,8 @@ import android.accounts.AccountManagerFuture;
import android.accounts.AuthenticatorException;
import android.accounts.OperationCanceledException;
import android.app.Activity;
-import android.app.ActivityManagerNative;
import android.app.PendingIntent;
+import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.os.Bundle;
@@ -69,6 +69,7 @@ public class AddAccountSettings extends Activity {
* application.
*/
private static final String KEY_CALLER_IDENTITY = "pendingIntent";
+ private static final String SHOULD_NOT_RESOLVE = "SHOULDN'T RESOLVE!";
private static final String TAG = "AccountSettings";
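Review bot: `SHOULD_NOT_RESOLVE` is added without a comment, yet the fix depends on this value never matching an installed package, class, action or category. A line such as `// Deliberately not a valid package or class name (space, apostrophe, '!'); never replace with a resolvable value.` above the constant would keep a later cleanup from weakening the placeholder.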
@@ -196,7 +197,21 @@ public class AddAccountSettings extends Activity {
private void addAccount(String accountType) {
Bundle addAccountOptions = new Bundle();
- mPendingIntent = PendingIntent.getBroadcast(this, 0, new Intent(), 0);
+ /*
+ * The identityIntent is for the purposes of establishing the identity
+ * of the caller and isn't intended for launching activities, services
+ * or broadcasts.
+ *
+ * Unfortunately for legacy reasons we still need to support this. But
+ * we can cripple the intent so that 3rd party authenticators can't
+ * fill in addressing information and launch arbitrary actions.
+ */
+ Intent identityIntent = new Intent();
+ identityIntent.setComponent(new ComponentName(SHOULD_NOT_RESOLVE, SHOULD_NOT_RESOLVE));
+ identityIntent.setAction(SHOULD_NOT_RESOLVE);
+ identityIntent.addCategory(SHOULD_NOT_RESOLVE);
+
+ mPendingIntent = PendingIntent.getBroadcast(this, 0, identityIntent, 0);
addAccountOptions.putParcelable(KEY_CALLER_IDENTITY, mPendingIntent);
addAccountOptions.putBoolean(EXTRA_HAS_MULTIPLE_USERS, Utils.hasMultipleUsers(this));
AccountManager.get(this).addAccountAsUser(
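Review bot: The comment above `identityIntent` says the intent is crippled but not which property the protection rests on, and `PendingIntent.getBroadcast(this, 0, identityIntent, 0)` still creates a mutable PendingIntent. The receiver can no longer supply an action, categories or a component, because `Intent.fillIn` only writes fields that are unset and never sets a component without `FILL_IN_COMPONENT`. Data, type, package and extras remain open to fill-in, so delivery is blocked only because the explicit component names nothing installed. I would say so in the comment, e.g. `// Explicit bogus component: the broadcast can never be delivered, whatever else the receiver fills in.`, and, where the target platform level offers `PendingIntent.FLAG_IMMUTABLE`, pass it instead of `0` so the code does not depend on fill-in rules at all. addAccount's body continues past the end of the hunk.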