Merge "Address SessionCommitReceiver vulnerability by validating intent." into ub-launcher3-qt-future-dev

This commit is contained in:
TreeHugger Robot
2019-11-08 21:50:02 +00:00
committed by Android (Google) Code Review

View File

@@ -71,8 +71,13 @@ public class SessionCommitReceiver extends BroadcastReceiver {
SessionInfo info = intent.getParcelableExtra(PackageInstaller.EXTRA_SESSION);
UserHandle user = intent.getParcelableExtra(Intent.EXTRA_USER);
PackageInstallerCompat packageInstallerCompat = PackageInstallerCompat.getInstance(context);
if (!PackageInstaller.ACTION_SESSION_COMMITTED.equals(intent.getAction())
|| info == null || user == null) {
// Invalid intent.
return;
}
PackageInstallerCompat packageInstallerCompat = PackageInstallerCompat.getInstance(context);
if (TextUtils.isEmpty(info.getAppPackageName())
|| info.getInstallReason() != PackageManager.INSTALL_REASON_USER
|| packageInstallerCompat.promiseIconAddedForId(info.getSessionId())) {