- Aug 03, 2023
-
-
Treehugger Robot authored
[automerger skipped] Merge "[conflict] Merge "Add userId check before loading icon in Device Controls" into rvc-dev am: 2818ba8c" into rvc-qpr-dev am: 4b74ba44 -s ours am skip reason: Merged-In Iba846f19098c71c0519470cd7b8c1fd60d47e70b with SHA-1 22f18e02 is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/24294454 Change-Id: Ic31cc783397f3a29e7c29365044be2b52e91dcaf Signed-off-by:
Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-
Anton Potapov authored
[automerger skipped] [conflict] Merge "Add userId check before loading icon in Device Controls" into rvc-dev am: 2818ba8c am: 373c5ac4 -s ours am skip reason: Merged-In Iba846f19098c71c0519470cd7b8c1fd60d47e70b with SHA-1 22f18e02 is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/24294454 Change-Id: Icedc57c9c52c15042fa39b259c7d2a01dbb11155 Signed-off-by:
-
Treehugger Robot authored
Merge "[conflict] Merge "Add userId check before loading icon in Device Controls" into rvc-dev am: 2818ba8c" into rvc-qpr-dev
-
- Aug 02, 2023
-
-
Treehugger Robot authored
[automerger skipped] Merge "Resolve custom printer icon boundary exploit." into rvc-qpr-dev am: 91771262 -s ours am skip reason: Merged-In Iaaa6fe2a627a265c4d1d7b843a033a132e1fe2ce with SHA-1 0e0693ca is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/24108355 Change-Id: I02e6e6de603654ce76c90cf411c1307a1bc60753 Signed-off-by:
-
kumarashishg authored
am skip reason: Merged-In Iaaa6fe2a627a265c4d1d7b843a033a132e1fe2ce with SHA-1 0e0693ca is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/24108355 Change-Id: Iedbce15376b5f868facb70dfea8ec02cf0a5f341 Signed-off-by:
-
Treehugger Robot authored
-
Anton Potapov authored
[conflict] Merge "Add userId check before loading icon in Device Controls" into rvc-dev am: 2818ba8c Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/23918603 Merged-In: I39b7bc62d82e20b5ba8747be13a2aa7bf21a59a2 Merged-In: I60896a6f53307f0e97a9223b599a2891c6c0c08d Merged-In: Ib0e677f7ccbed6299ea07939519c7dcf6d371bec Merged-In: Ibe4fb69a90904787b9f97a7cd90d318a047d1e11 Merged-In: Iba846f19098c71c0519470cd7b8c1fd60d47e70b Change-Id: I4666499fa8e2c51a7900913c9e22127cb6a4283a Signed-off-by:
-
Anton Potapov authored
-
Anton Potapov authored
-
- Aug 01, 2023
-
-
Anton Potapov authored
Test: manual with the steps from the bug Test: manual with a normal icon Test: atest CanUseIconPredicate Test: atest ControlViewHolderTest Bug: 272025416 (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ffa97f42dd9496bb404e01727c923292d05a4466) Merged-In: I39b7bc62d82e20b5ba8747be13a2aa7bf21a59a2 Merged-In: I60896a6f53307f0e97a9223b599a2891c6c0c08d Merged-In: Ib0e677f7ccbed6299ea07939519c7dcf6d371bec Merged-In: Ibe4fb69a90904787b9f97a7cd90d318a047d1e11 Merged-In: Iba846f19098c71c0519470cd7b8c1fd60d47e70b Change-Id: I354469a53611c094c7bb695b1c2017c6786dd396
-
Anton Potapov authored
Test: manual with the steps from the bug Test: manual with a normal icon Test: atest CanUseIconPredicate Test: atest ControlViewHolderTest Bug: 272025416 Merged-In: I39b7bc62d82e20b5ba8747be13a2aa7bf21a59a2 Merged-In: I60896a6f53307f0e97a9223b599a2891c6c0c08d Merged-In: Ib0e677f7ccbed6299ea07939519c7dcf6d371bec Merged-In: Ibe4fb69a90904787b9f97a7cd90d318a047d1e11 Change-Id: Iba846f19098c71c0519470cd7b8c1fd60d47e70b
-
- Jul 31, 2023
-
-
Treehugger Robot authored
[automerger skipped] Merge "Resolve custom printer icon boundary exploit." into rvc-dev am: abd2a232 am: f4361774 -s ours am skip reason: Merged-In Iaaa6fe2a627a265c4d1d7b843a033a132e1fe2ce with SHA-1 0e0693ca is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/24108354 Change-Id: I001895eb6e53cb9f6f283815c99cd8368f25b1e7 Signed-off-by:
-
Treehugger Robot authored
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/24108354 Change-Id: I37c92866051469bc2108adc76fcdf4e1cfa44cb3 Signed-off-by:
-
Treehugger Robot authored
-
Treehugger Robot authored
-
- Jul 27, 2023
-
-
Kunal Malhotra authored
Merge "Fixing DatabaseUtils to detect malformed UTF-16 strings" into rvc-dev am: 0dcc5c6e am: 799e127b Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/24057913 Change-Id: Ic345ae053cef19329022e5a185e136b66298a12a Signed-off-by:
-
Hongwei Wang authored
[automerger skipped] [DO NOT MERGE][conflict] Merge "Disallow loading icon from content URI to PipMenu" into rvc-dev am: 5d31bd1c am: 8451e9a0 -s ours am skip reason: subject contains skip directive Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/24228701 Change-Id: Ic85e6bd1ebd14234f9bf3b37f39248d584e44ebc Signed-off-by:
-
Kunal Malhotra authored
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/24057913 Change-Id: Idab79d3772b506b3a453a135efb71f9b670eda50 Signed-off-by:
-
Kunal Malhotra authored
-
Hongwei Wang authored
[DO NOT MERGE][conflict] Merge "Disallow loading icon from content URI to PipMenu" into rvc-dev am: 5d31bd1c Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/23424576 Bug: 293475290 Change-Id: Ic50edc109c89378aacc926b5b56aa142f9a01bbb Signed-off-by:
-
Hongwei Wang authored
-
- Jul 26, 2023
-
-
Hongwei Wang authored
Bug: 278246904 Test: manually, with the PoC app attached to the bug Merged-In: Idbd4081bf464e2b3420d4c3fd22ca37867d26bc0 Merged-In: Ib3f5b8b6b9ce644fdf1173548d9078e4d969ae2e Change-Id: Iecfc1fb962de611cbe3c51a44ba4fded53925a7d
-
Hongwei Wang authored
-
Josep del Río authored
[automerger skipped] Merge "Fix KCM key mapping cloning" into rvc-dev am: 287bfd5a am: b93914a7 -s ours am skip reason: Merged-In I745008a0a8ea30830660c45dcebee917b3913d13 with SHA-1 3d993de0 is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/24029386 Change-Id: Ic9cba8d16970963a7c37dcf180e1f462020fbd8b Signed-off-by:
-
Josep del Río authored
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/24029386 Change-Id: I396e64c60ea7a40ef71a89565bfd67202c2e65cc Signed-off-by:
-
Josep del Río authored
-
- Jul 18, 2023
-
-
kumarashishg authored
Because Settings grants the INTERACT_ACROSS_USERS_FULL permission, an exploit is possible where the third party print plugin service can pass other's User Icon URI. This CL provides a lightweight solution for parsing the image URI to detect profile exploitation. Bug: 281525042 Test: Build and flash the code. Try to reproduce the issue with mentioned steps in the bug Change-Id: Iaaa6fe2a627a265c4d1d7b843a033a132e1fe2ce Merged-In: Iaaa6fe2a627a265c4d1d7b843a033a132e1fe2ce
-
kumarashishg authored
Because Settings grants the INTERACT_ACROSS_USERS_FULL permission, an exploit is possible where the third party print plugin service can pass other's User Icon URI. This CL provides a lightweight solution for parsing the image URI to detect profile exploitation. Bug: 281525042 Test: Build and flash the code. Try to reproduce the issue with mentioned steps in the bug Change-Id: Iaaa6fe2a627a265c4d1d7b843a033a132e1fe2ce Merged-In: Iaaa6fe2a627a265c4d1d7b843a033a132e1fe2ce
-
kumarashishg authored
Because Settings grants the INTERACT_ACROSS_USERS_FULL permission, an exploit is possible where the third party print plugin service can pass other's User Icon URI. This CL provides a lightweight solution for parsing the image URI to detect profile exploitation. Bug: 281525042 Test: Build and flash the code. Try to reproduce the issue with mentioned steps in the bug Change-Id: Iaaa6fe2a627a265c4d1d7b843a033a132e1fe2ce Merged-In: Iaaa6fe2a627a265c4d1d7b843a033a132e1fe2ce
-
- Jul 13, 2023
-
-
Kunal Malhotra authored
Test: tested with POC in bug, also using atest Bug: 224771621 Change-Id: Ide65205b83063801971c5778af3154bcf3f0e530
-
- Jul 12, 2023
-
-
Varun Shah authored
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/23835332 Change-Id: Ia42407c266b1a65114901b4f7205717714030d69 Signed-off-by:
-
Varun Shah authored
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/23835332 Change-Id: Ib906252b0b2b8e1ca91bd80ef7183e450a19428e Signed-off-by:
-
Varun Shah authored
-
Josep del Rio authored
ag/23792288 tried to fix a security issue by cloning the key mappings, but unfortunately the parcel was not being rewinded. Bug: 274058082 Test: Confirmed change works in newer Android versions Merged-In: I745008a0a8ea30830660c45dcebee917b3913d13 Change-Id: I6f75b9202e20d82ebf81a35a2916e653ee1b8372
-
- Jul 10, 2023
-
-
Tim Yu authored
-
Tim Yu authored
[automerger skipped] Merge "[DO NOT MERGE] Verify URI Permissions in Autofill RemoteViews" into rvc-dev am: d4ba5517 am: 1b1950ac -s ours am skip reason: subject contains skip directive Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/23846296 Change-Id: I48c93f48374033cd6846f83eeb3ed1c90cd464af Signed-off-by:
-
Tim Yu authored
[automerger skipped] [DO NOT MERGE] Verify URI Permissions in Autofill RemoteViews am: 26beceb9 am: 60612ed1 -s ours am skip reason: subject contains skip directive Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/23846296 Change-Id: I1833a9bd69ea2b88f6ee601e8747b1df466f3352 Signed-off-by:
-
Tim Yu authored
[automerger skipped] Merge "[DO NOT MERGE] Verify URI Permissions in Autofill RemoteViews" into rvc-qpr-dev am: 0590bd00 -s ours am skip reason: subject contains skip directive Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/23985766 Change-Id: I809edb81652876be8e71442955011d2c0f4e7e3d Signed-off-by:
-
Tim Yu authored
[automerger skipped] [DO NOT MERGE] Verify URI Permissions in Autofill RemoteViews am: 5c72cd48 -s ours am skip reason: subject contains skip directive Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/23985766 Change-Id: Ie864e3af0562831c2d6c7d1aa7759e944ede9d14 Signed-off-by:
-
Tim Yu authored
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/23846296 Change-Id: Ia1f2944e37b371f6a80586c851b0787686af3eb2 Signed-off-by:
-
