diff options
| author | Chiao Cheng <chiaocheng@google.com> | 2013-07-10 17:31:04 -0700 |
|---|---|---|
| committer | Chiao Cheng <chiaocheng@google.com> | 2013-07-12 12:12:38 -0700 |
| commit | ab2a24c126f35ae4aefb469f91094e5972abd8f0 (patch) | |
| tree | e8a25450ec6e86bbca4124f708b6339ea442ce26 /src/com/android/providers/contacts/util | |
| parent | 629f595e1e2324f7403465d96c4637375cc0c888 (diff) | |
| download | packages_providers_ContactsProvider-ab2a24c126f35ae4aefb469f91094e5972abd8f0.zip packages_providers_ContactsProvider-ab2a24c126f35ae4aefb469f91094e5972abd8f0.tar.gz packages_providers_ContactsProvider-ab2a24c126f35ae4aefb469f91094e5972abd8f0.tar.bz2 | |
Do not allow updates to the _data column.
Fixes a security hole where applications can update the data location of
voicemail files to point to arbitrary file paths.
Voicemail provider stores the location of the data file in the _data column.
Applications can update this with an arbitrary file path as long as they
have the ADD_VOICEMAIL permission. Then they can subsequently read that
voicemail and obtain access to the file. This location is generated by the
provider and does not need to be updated by the applications.
Bug: 9674953
Change-Id: I9c8fc45071a06d627574a52bafbd9e6e172b4bf8
Diffstat (limited to 'src/com/android/providers/contacts/util')
| -rw-r--r-- | src/com/android/providers/contacts/util/DbQueryUtils.java | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/src/com/android/providers/contacts/util/DbQueryUtils.java b/src/com/android/providers/contacts/util/DbQueryUtils.java index c184613..d719313 100644 --- a/src/com/android/providers/contacts/util/DbQueryUtils.java +++ b/src/com/android/providers/contacts/util/DbQueryUtils.java @@ -20,6 +20,7 @@ import android.database.DatabaseUtils; import android.text.TextUtils; import java.util.HashMap; +import java.util.Set; /** * Static methods for helping us build database query selection strings. @@ -83,14 +84,24 @@ public class DbQueryUtils { /** * Checks if the given ContentValues contains values within the projection * map. + * * @throws IllegalArgumentException if any value in values is not found in * the projection map. */ public static void checkForSupportedColumns(HashMap<String, String> projectionMap, ContentValues values) { + checkForSupportedColumns(projectionMap.keySet(), values, "Is invalid."); + } + + /** + * @see #checkForSupportedColumns(HashMap, ContentValues) + */ + public static void checkForSupportedColumns(Set<String> allowedColumns, ContentValues values, + String msgSuffix) { for (String requestedColumn : values.keySet()) { - if (!projectionMap.keySet().contains(requestedColumn)) { - throw new IllegalArgumentException("Column '" + requestedColumn + "' is invalid."); + if (!allowedColumns.contains(requestedColumn)) { + throw new IllegalArgumentException("Column '" + requestedColumn + "'. " + + msgSuffix); } } } |