Fix security vulnerability that creates user with no restrictions when accountOptions are too long.
Bug: 293602970 Test: atest UserManagerTest#testAddUserAccountData_validStringValuesAreSaved_validBundleIsSaved && atest UserManagerTest#testAddUserAccountData_invalidStringValuesAreTruncated_invalidBundleIsDropped Change-Id: I23c971f671546ac085060add89485cfac6691ca3 Merged-In: I23c971f671546ac085060add89485cfac6691ca3
Showing
- core/java/android/os/PersistableBundle.java 37 additions, 0 deletionscore/java/android/os/PersistableBundle.java
- core/java/android/os/UserManager.java 19 additions, 4 deletionscore/java/android/os/UserManager.java
- core/java/com/android/internal/app/ConfirmUserCreationActivity.java 12 additions, 0 deletions...com/android/internal/app/ConfirmUserCreationActivity.java
- services/core/java/com/android/server/pm/UserManagerService.java 17 additions, 12 deletions...s/core/java/com/android/server/pm/UserManagerService.java
- services/tests/servicestests/src/com/android/server/pm/UserManagerTest.java 102 additions, 0 deletions...vicestests/src/com/android/server/pm/UserManagerTest.java
Loading
Please register or sign in to comment