33a90988cf3b59a3b8dc9f699d155688be8d5623 - platform_frameworks_base

commit	33a90988cf3b59a3b8dc9f699d155688be8d5623	[log] [tgz]
author	Tetiana Meronyk <tetianameronyk@google.com>	Wed Jan 10 16:25:13 2024 +0000
committer	Tetiana Meronyk <tetianameronyk@google.com>	Tue Jan 16 11:06:00 2024 +0000
tree	68b9d6742ae6f26846f61ad221bd7d5fdaab52a1
parent	5ee95d208d5a496ac60f9a3e89cea622ebe1ab2b [diff]

Fix security vulnerability that creates user with no restrictions when accountOptions are too long.

Bug: 293602970
Test: atest UserManagerTest#testAddUserAccountData_validStringValuesAreSaved_validBundleIsSaved && atest UserManagerTest#testAddUserAccountData_invalidStringValuesAreTruncated_invalidBundleIsDropped
Change-Id: I23c971f671546ac085060add89485cfac6691ca3
Merged-In: I23c971f671546ac085060add89485cfac6691ca3

core/java/android/os/PersistableBundle.java[diff]
core/java/android/os/UserManager.java[diff]
core/java/com/android/internal/app/ConfirmUserCreationActivity.java[diff]
services/core/java/com/android/server/pm/UserManagerService.java[diff]
services/tests/mockingservicestests/src/com/android/server/pm/UserManagerServiceTest.java[diff]
services/tests/servicestests/src/com/android/server/pm/UserManagerTest.java[diff]

6 files changed