Gitiles
Code Review Sign In
review.blissroms.org / platform_packages_services_Telecomm / refs/heads/typhoon
commit8636191831b3173ef1d139f188add2b304a995cb[log] [tgz]
authorPranav Madapurmath <pmadapurmath@google.com>Thu Jan 02 15:04:45 2025 -0800
committerhmtheboy154 <buingoc67@gmail.com>Tue Apr 08 02:17:00 2025 -0400
treeebf87ff4ba04005bb20ed7f2b9056e8927fb7221
parent244e279acc671f8d747da8d9df5124fe8b4a7c63 [diff]
Resolve cross account user icon validation.

Resolves a vulnerability found with the cross account user icon
validation in StatusHint and TelecomServiceImpl (when registering a
phone account). The reporter found that an uri formatted as `userId%`
isn't parsed properly with the existing reference to Uri.encodedUserInfo.

Bug: 376461551
Bug: 376259166
Flag: EXEMPT bugfix
Test: atest TelecomServiceImplTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:089dc975fc9dce402ec8c6c84e76fa100c9adcf5)
Merged-In: I7a5f64ae01eaf6a133ea04c51bd00dbe1653b74f
Change-Id: I7a5f64ae01eaf6a133ea04c51bd00dbe1653b74f
2 files changed
tree: ebf87ff4ba04005bb20ed7f2b9056e8927fb7221
  1. libs/
  2. proto/
  3. res/
  4. scripts/
  5. src/
  6. testapps/
  7. tests/
  8. .classpath
  9. .gitignore
  10. .project
  11. Android.bp
  12. AndroidManifest.xml
  13. CleanSpec.mk
  14. OWNERS
  15. PREUPLOAD.cfg
  16. proguard.flags
  17. TEST_MAPPING