Skip to content
Snippets Groups Projects
Select Git revision
  • fifteen-qpr1
  • fifteen-qpr0
  • fifteen-qpr2
  • fourteen default
  • fourteen-qpr1
  • thirteen
  • staging/fourteen
  • twelve
  • staging/thirteen
9 results
Search by author
  • Any Author
  • Adithya R Adithya R adithya2306
  • Ali Ali ali-nasiri-80
  • Dhina17 Dhina17 Dhina17
  • electimon electimon electimon
  • Erfan Abdi Erfan Abdi erfanoabdi
  • Farzin Kazemzadeh Farzin Kazemzadeh itisFarzin
  • LMO BuildBot LMO BuildBot lmo-buildbot
  • LMO GerritBot LMO GerritBot lmo-gerritbot
  • Mohammad Hasan Keramat J Mohammad Hasan Keramat J ikeramat
  • Nick Nick nift4
10 authors
  1. Sep 07, 2024
  3. Sep 06, 2024
    • Xin Li's avatar
      Merge 24Q3 to AOSP main · 9248b5ab
      Xin Li authored 
      Bug: 357762254
Merged-In: Ice09a7ad54167e68cd2dc892692fc49a0afbabc1
Change-Id: If27a204b2e8db793efb9b5161449e79b75a4cdfd
      9248b5ab
  5. Jul 03, 2024
  7. Jun 20, 2024
  9. Jun 19, 2024
    • Aryan Sinha's avatar
      LatinIME: Fix Implicit PendingIntent Vulnerability · 8064a47f
      Aryan Sinha authored and Aryan Sinha's avatar Aryan Sinha committed 
      
* checkTimeAndMaybeSetupUpdateAlarm method created an Implicit PendingIntent vulnerability, which may cause security threats in the form of denial-of-service, private data theft, and privilege escalation.

* PendingIntents are Intents delegated to another app to be delivered at some future time. Creating an implicit intent wrapped under a PendingIntent is a security vulnerability that might lead to denial-of-service, private data theft, and privilege escalation.

* We've used FLAG_IMMUTABLE (added in SDK 23) to create PendingIntents for SDK > 23, This prevents apps that receive the PendingIntent from filling in unpopulated properties & Ensures that PendingIntent is only delivered to trusted components.

Test: m
Change-Id: I68a1f3f2d81138e42092cc201d36e5d29853a86e
Signed-off-by: default avatartechyminati <sinha.aryan03@gmail.com>
      8064a47f
  11. Jun 18, 2024
  13. Jun 17, 2024
  15. Jun 13, 2024
    • Xin Li's avatar
      Merge Android 14 QPR3 to AOSP main · 4f3c5a71
      Xin Li authored 
      Bug: 346855327
Merged-In: Iede0c79fa9dbc2ea3146b829d629cfeb64f5a01c
Change-Id: I322d98ab53035bbc907f8551a97a7e5118ed022d
      4f3c5a71
  17. Jun 06, 2024
  19. Jun 03, 2024
  21. May 10, 2024
  23. May 09, 2024
  25. May 06, 2024
  27. Apr 19, 2024
  29. Jan 24, 2024
  31. Jan 18, 2024
  33. Jan 10, 2024
    • Cole Faust's avatar
      Baseline NewApi issues · cef3ed4c
      Cole Faust authored 
      NewApi is a lint check that you don't call framework methods that were
introduced in versions later than your min_sdk_version. We want to
make this an error, so we're baselineing all existing issues.

This cl was generated automatically, by taking all the NewApi issues
from the reference baselines, and all the non-NewApi issues from the
existing checked in baselines.

Bug: 268261262
Test: Presubmits
Change-Id: If1b1214da673fec9f1e8bede86d5780a6b5f347b
      cef3ed4c
  35. Dec 21, 2023
  37. Dec 20, 2023
    • Cole Faust's avatar
      List baseline_filename on modules that are implititly using it · b15dd47b
      Cole Faust authored 
      lintable modules currently pick up files named "lint-baseline.xml" to use as the
lint baseline implicitly. This is confusing because you could end up using the
baseline files in more modules than intended. Lint also has a feature where it
requests you remove unnecessary findings from the baseline file, so something
could be necessary for one module, but unnecessary for another that accidentally
picked up the baseline.

We're removing the implicit detection of the baseline file, which requires
all modules using it to list the baseline file explicitly.

Bug: 272769514
Test: Presubmits
Change-Id: Ib640f0642fbb12b96309ce518a505376dda01cb4
      b15dd47b
  39. Dec 07, 2023
  41. Nov 17, 2023