Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / 6d6cd68660635d670b0cb17f348b7c1da13704b3
commit6d6cd68660635d670b0cb17f348b7c1da13704b3[log] [tgz]
authorSeigo Nonaka <nona@google.com>Thu Jun 22 08:22:18 2017 -0700
committerSeigo Nonaka <nona@google.com>Thu Jun 22 08:36:03 2017 -0700
tree46ff413dabcfa566e5e7174ed24b41da1ce13ec8
parent58aeff811f2da99537a8a9531fc58cea8ffbb867 [diff]
Stop loading other package's font by default.

Since CONTEXT_RESTRICTED is not a default flag of createPackageContext,
we can't rely on it for preventing unexpected font injections.
To protect developers and existing apps from a risk of font injection,
stop loading font from other package's resouce unless the developer
explicitly set CONTEXT_IGNORE_SECURITY.

Bug: 62813533
Bug: 62879353
Test: Manually done
Change-Id: I4442ddc48dadb5c968b444be86038b602074d301
5 files changed
tree: 46ff413dabcfa566e5e7174ed24b41da1ce13ec8
  1. apct-tests/
  2. api/
  3. cmds/
  4. core/
  5. data/
  6. docs/
  7. drm/
  8. graphics/
  9. keystore/
  10. legacy-test/
  11. libs/
  12. location/
  13. lowpan/
  14. media/
  15. native/
  16. nfc-extras/
  17. obex/
  18. opengl/
  19. packages/
  20. proto/
  21. rs/
  22. samples/
  23. sax/
  24. services/
  25. telecomm/
  26. telephony/
  27. test-runner/
  28. tests/
  29. tools/
  30. vr/
  31. wifi/
  32. Android.bp
  33. Android.mk
  34. CleanSpec.mk
  35. compiled-classes-phone
  36. MODULE_LICENSE_APACHE2
  37. NOTICE
  38. pathmap.mk
  39. preloaded-classes
  40. PREUPLOAD.cfg