Gitiles
Code Review Sign In
review.blissroms.org / platform_packages_services_Telecomm / 2d83c4451f903f9c3693699547866be063a469ef
commit2d83c4451f903f9c3693699547866be063a469ef[log] [tgz]
authorPranav Madapurmath <pmadapurmath@google.com>Tue Jun 11 22:50:08 2024 -0700
committerhmtheboy154 <buingoc67@gmail.com>Sat Feb 15 01:11:29 2025 -0500
tree0dab4d715f0f47c524616b61ee9a40aef08b508b
parentf26758416063d843f66c6404fb4b21399b700c07 [diff]
Resolve cross-user image exploit for conference status hints

Ensure that status hint image icon is validated for cross-user exploits.
Currently, there is no check for this so a conference call can display
an image from another user, exposing a vulnerability.

Bug: 329058967
Test: Manual with POC
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a8e2bf9c77cd94f683979c849015b78ef0537802)
Merged-In: Ib9d701398d25d021cdb9abacbaa5b175f62bee1d
Change-Id: Ib9d701398d25d021cdb9abacbaa5b175f62bee1d
1 file changed
tree: 0dab4d715f0f47c524616b61ee9a40aef08b508b
  1. libs/
  2. proto/
  3. res/
  4. scripts/
  5. src/
  6. testapps/
  7. tests/
  8. .classpath
  9. .gitignore
  10. .project
  11. Android.bp
  12. AndroidManifest.xml
  13. CleanSpec.mk
  14. OWNERS
  15. PREUPLOAD.cfg
  16. proguard.flags
  17. TEST_MAPPING