Merge Android U (ab/10368041)

Bug: 291102124 Merged-In: I14048e3a7575f49da4cc945f32d2df839a4f0a00 Change-Id: If29d13904ad08d858094db9dd4b4abace9ce81b9

Merge Android U (ab/10368041)
cc70e7f9 · Xin Li · 591bf243 · ec2af4c7 · cc70e7f9 · cc70e7f9
Commit cc70e7f9 authored 1 year ago by Xin Li
--- a/src/android/support/v7/mms/MmsNetworkManager.java
+++ b/src/android/support/v7/mms/MmsNetworkManager.java
@@ -324,7 +324,8 @@ class MmsNetworkManager {

    private void registerConnectivityChangeReceiverLocked() {
        if (!mReceiverRegistered) {
-            mContext.registerReceiver(mConnectivityChangeReceiver, mConnectivityIntentFilter);
+            mContext.registerReceiver(mConnectivityChangeReceiver, mConnectivityIntentFilter,
+                    Context.RECEIVER_EXPORTED/*UNAUDITED*/);
            mReceiverRegistered = true;
        }
    }

--- a/src/com/android/messaging/BugleApplication.java
+++ b/src/com/android/messaging/BugleApplication.java
@@ -132,7 +132,8 @@ public class BugleApplication extends Application implements UncaughtExceptionHa
                LogUtil.i(TAG, "Carrier config changed. Reloading MMS config.");
                MmsConfig.loadAsync();
            }
-        }, new IntentFilter(CarrierConfigManager.ACTION_CARRIER_CONFIG_CHANGED));
+        }, new IntentFilter(CarrierConfigManager.ACTION_CARRIER_CONFIG_CHANGED),
+        Context.RECEIVER_EXPORTED/*UNAUDITED*/);
    }

    private static void initMmsLib(final Context context, final BugleGservices bugleGservices,

--- a/src/com/android/messaging/ui/conversation/LaunchConversationActivity.java
+++ b/src/com/android/messaging/ui/conversation/LaunchConversationActivity.java
@@ -37,6 +37,8 @@ import com.android.messaging.util.UriUtil;

 import java.io.UnsupportedEncodingException;
 import java.net.URLDecoder;
+import java.util.ArrayList;
+import java.util.List;

 /**
 * Launches ConversationActivity for sending a message to, or viewing messages from, a specific
@@ -46,6 +48,7 @@ import java.net.URLDecoder;
 */
 public class LaunchConversationActivity extends Activity implements
        LaunchConversationData.LaunchConversationDataListener {
+    private static final int MAX_RECIPIENT_LENGTH = 100;
    static final String SMS_BODY = "sms_body";
    static final String ADDRESS = "address";
    final Binding<LaunchConversationData> mBinding = BindingBase.createBinding(this);
@@ -76,6 +79,9 @@ public class LaunchConversationActivity extends Activity implements
                    recipients = new String[] { intent.getStringExtra(Intent.EXTRA_EMAIL) };
                }
            }
+            if (recipients != null) {
+                recipients = trimInvalidRecipients(recipients);
+            }
            mSmsBody = intent.getStringExtra(SMS_BODY);
            if (TextUtils.isEmpty(mSmsBody)) {
                // Used by intents sent from the web YouTube (and perhaps others).
@@ -103,6 +109,20 @@ public class LaunchConversationActivity extends Activity implements
        finish();
    }

+    private String[] trimInvalidRecipients(String[] recipients) {
+        List<String> trimmedRecipients = new ArrayList<>();
+        for (String recipient : recipients) {
+            if (recipient.length() < MAX_RECIPIENT_LENGTH) {
+                trimmedRecipients.add(recipient);
+            }
+        }
+        if (trimmedRecipients.size() > 0) {
+            return trimmedRecipients.toArray(new String[0]);
+        } else {
+            return null;
+        }
+    }
+
    private String getBody(final Uri uri) {
        if (uri == null) {
            return null;

--- a/src/com/android/messaging/util/FileUtil.java
+++ b/src/com/android/messaging/util/FileUtil.java
@@ -20,6 +20,7 @@ import android.content.ContentResolver;
 import android.content.Context;
 import android.net.Uri;
 import android.os.Environment;
+import android.os.ParcelFileDescriptor;
 import android.text.TextUtils;

 import com.android.messaging.Factory;
@@ -28,6 +29,8 @@ import com.google.common.io.Files;

 import java.io.File;
 import java.io.IOException;
+import java.nio.file.Path;
+import java.nio.file.Paths;
 import java.text.SimpleDateFormat;
 import java.util.Date;
 import java.util.Locale;
@@ -121,6 +124,10 @@ public class FileUtil {
    // We're told it's possible to create world readable hardlinks to other apps private data
    // so we ban all /data file uris.
    public static boolean isInPrivateDir(Uri uri) {
+        return isFileUriInPrivateDir(uri) || isContentUriInPrivateDir(uri);
+    }
+
+    private static boolean isFileUriInPrivateDir(Uri uri) {
        if (!UriUtil.isFileUri(uri)) {
            return false;
        }
@@ -128,6 +135,24 @@ public class FileUtil {
        return FileUtil.isSameOrSubDirectory(Environment.getDataDirectory(), file);
    }

+    private static boolean isContentUriInPrivateDir(Uri uri) {
+        if (!uri.getScheme().equals(ContentResolver.SCHEME_CONTENT)) {
+            return false;
+        }
+        try {
+            Context context = Factory.get().getApplicationContext();
+            ParcelFileDescriptor pfd = context.getContentResolver().openFileDescriptor(uri, "r");
+            int fd = pfd.getFd();
+            // Use the file descriptor to find out the read file path through symbolic link.
+            Path fdPath = Paths.get("/proc/self/fd/" + fd);
+            Path filePath = java.nio.file.Files.readSymbolicLink(fdPath);
+            pfd.close();
+            return FileUtil.isSameOrSubDirectory(Environment.getDataDirectory(), filePath.toFile());
+        } catch (Exception e) {
+            return false;
+        }
+    }
+
    /**
     * Checks, whether the child directory is the same as, or a sub-directory of the base
     * directory.