Gitiles
Code Review Sign In
review.blissroms.org / platform_packages_services_Telecomm / 738e99a06fae6cd70f0f57e494065393cc436208
commit738e99a06fae6cd70f0f57e494065393cc436208[log] [tgz]
authorPranav Madapurmath <pmadapurmath@google.com>Tue Jun 11 22:50:08 2024 -0700
committerhmtheboy154 <buingoc67@gmail.com>Tue Jan 28 03:42:33 2025 -0500
treeac2595955b75842b68928d281949540bd96012b1
parent8b21d45e261759518ea0b72c161d227018183b5a [diff]
Resolve cross-user image exploit for conference status hints

Ensure that status hint image icon is validated for cross-user exploits.
Currently, there is no check for this so a conference call can display
an image from another user, exposing a vulnerability.

Bug: 329058967
Test: Manual with POC
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a8e2bf9c77cd94f683979c849015b78ef0537802)
Merged-In: Ib9d701398d25d021cdb9abacbaa5b175f62bee1d
Change-Id: Ib9d701398d25d021cdb9abacbaa5b175f62bee1d
1 file changed
tree: ac2595955b75842b68928d281949540bd96012b1
  1. libs/
  2. proto/
  3. res/
  4. scripts/
  5. src/
  6. testapps/
  7. tests/
  8. .classpath
  9. .gitignore
  10. .project
  11. Android.bp
  12. AndroidManifest.xml
  13. CleanSpec.mk
  14. OWNERS
  15. PREUPLOAD.cfg
  16. proguard.flags
  17. TEST_MAPPING