Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / e214082cb0daea2370e9fb2367b1759a9d274450
commite214082cb0daea2370e9fb2367b1759a9d274450[log] [tgz]
authorHao Ke <haok@google.com>Mon Nov 22 21:46:36 2021 +0000
committerHao Ke <haok@google.com>Mon Dec 06 14:34:03 2021 +0000
tree6237886388699b2eb5c7ba3390806a21f8d5c66e
parent92a4b54de58d76cc9c376e80e2956eff8e11e2e9 [diff]
Set default ClassLoader for Parcel readSerializable API.

Set the default ClassLoader for the readSerializable(ClassLoader,
Class) API, when the ClassLoader parameter is null.

Doing so could enhance the security of Parcel deserialization,
as it would prevent resolving the Serializable class using unexpected
ClassLoaders.

Test: atest -d android.os.cts.ParcelTest
Bug: 195622897
Change-Id: I6da4b4f817c33e4464d90d1e9775b54793835c92
1 file changed
tree: 6237886388699b2eb5c7ba3390806a21f8d5c66e
  1. .prebuilt_info/
  2. apct-tests/
  3. apex/
  4. api/
  5. boot/
  6. cmds/
  7. config/
  8. core/
  9. data/
  10. docs/
  11. drm/
  12. errorprone/
  13. graphics/
  14. identity/
  15. keystore/
  16. libs/
  17. location/
  18. lowpan/
  19. media/
  20. mime/
  21. mms/
  22. native/
  23. nfc-extras/
  24. obex/
  25. opengl/
  26. packages/
  27. proto/
  28. rs/
  29. samples/
  30. sax/
  31. services/
  32. startop/
  33. telecomm/
  34. telephony/
  35. test-base/
  36. test-legacy/
  37. test-mock/
  38. test-runner/
  39. tests/
  40. tools/
  41. wifi/
  42. .clang-format
  43. .gitignore
  44. .mailmap
  45. Android.bp
  46. Android.mk
  47. ApiDocs.bp
  48. BATTERY_STATS_OWNERS
  49. CleanSpec.mk
  50. framework-jarjar-rules.txt
  51. GAME_MANAGER_OWNERS
  52. METADATA
  53. MODULE_LICENSE_APACHE2
  54. MULTIUSER_OWNERS
  55. NOTICE
  56. OWNERS
  57. OWNERS.md
  58. PACKAGE_MANAGER_OWNERS
  59. pathmap.mk
  60. PREUPLOAD.cfg
  61. ProtoLibraries.bp
  62. StubLibraries.bp
  63. TEST_MAPPING
  64. TestProtoLibraries.bp
  65. ZYGOTE_OWNERS