| commit | 0bbf3f4c3e75f1995d7555cc1643db049ef1bf11 | [log] [tgz] |
|---|---|---|
| author | Sergey Nikolaienkov <sergeynv@google.com> | Tue Mar 28 12:22:31 2023 +0200 |
| committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | Tue Aug 22 02:16:03 2023 +0000 |
| tree | 4cfeb192cd43fc3f771741bddf654a4c4b075256 | |
| parent | fb4e7b9fc30cfe624abf30ed00b3232749c3ce29 [diff] |
Fix path traversal vulnerabilities in MediaProvider Canonicalize filepath provided by the caller when hanling SCAN_FILE_CALL method call in MediaProvider. Additionally, make sure to check access permission in SCAN_FILE_CALL (using enforceCallingPermissionInternal()). Preemptively canonicalize Files provided as an arguments to the public API methods in ModernMediaScanner (scanFile(), scanDirectory() and onDirectoryDirty()) to prevent path traversal attacks. Bug: 262244882 Test: atest MediaProviderTests (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:4c867764086b90a27e745ec82e383d63fb9b6232) Merged-In: I61e77d69ae857984b819fa0ea27bec5c26a34842 Change-Id: I61e77d69ae857984b819fa0ea27bec5c26a34842