  1. Jun 13, 2024
    • Fix permission bypasses to multiple methods · 29a8f8ba
      Brian Delwiche authored
      Researcher reports that some BT calls across Binder are validating only
      BT's own permissions and not the calling app's permissions.  On
      investigation this seems to be due to a missing null check in several BT
      permissions checks, which allows a malicious app to pass in a null
      AttributionSource and therefore produce a stub AttributionSource chain
      which does not properly check for the caller's permissions.
      
      Add null checks, and correct tests which assumed a null was a valid
      input.
      
      Bug: 242996380
      Test: atest UtilsTest
      Test: researcher POC
      Tag: #security
      Ignore-AOSP-First: Security
      (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8098771bca75166d06f9591d0d2110ed089ee6a7)
      Merged-In: I76f49fee440726a7c0714385564ddf0e3e8522b5
      Change-Id: I76f49fee440726a7c0714385564ddf0e3e8522b5
  2. Apr 09, 2024
  3. Mar 29, 2024
  4. Mar 28, 2024
  5. Mar 05, 2024
  6. Mar 04, 2024
  7. Mar 02, 2024
  8. Mar 01, 2024