Gitiles
Code Review Sign In
review.blissroms.org / platform_packages_services_ThemeInterfacer / b5b1004b1f9e24e1f2ac42d600c5a938b4fe8945^! / .
commitb5b1004b1f9e24e1f2ac42d600c5a938b4fe8945[log] [tgz]
authorNicholas Chum <nicholaschum@gmail.com>Sun Jan 22 23:17:10 2017 -0500
committerNathan Chancellor <natechancellor@gmail.com>Fri Jan 27 10:37:29 2017 +0100
tree9a9ccac8c93fdd959a1cbb8b784d6e03f9b03c7a
parentbf57c2432cd329cea27fa8e7fe6b8bb92a45cd22 [diff]
Release 20P: Initiate the caller package checking system

Thanks to @bigrushdog for the original code from his no-root algorithm.

Change-Id: I5fc9d671cb6dd33067ae38c0c1d2dafc8599db2c
(cherry picked from commit 1c402c5e4385b2fe19c3b1a6da30c57974c577f7)

diff --git a/app/build.gradle b/app/build.gradle
index fee93e1..265096a 100644
--- a/app/build.gradle
+++ b/app/build.gradle

@@ -21,7 +21,7 @@
         minSdkVersion 21
         targetSdkVersion 23
         versionCode 20
-        versionName "twenty"
+        versionName "twenty - procyon"
     }
 
     buildTypes {

diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
index 7790929..aaffdf2 100644
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml

@@ -1,7 +1,7 @@
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
           package="masquerade.substratum"
           android:versionCode="20"
-          android:versionName="twenty">
+          android:versionName="twenty - procyon">
 
     <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
     <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>

diff --git a/app/src/main/java/masquerade/substratum/util/Helper.java b/app/src/main/java/masquerade/substratum/util/Helper.java
index 0b65cb0..cccf493 100644
--- a/app/src/main/java/masquerade/substratum/util/Helper.java
+++ b/app/src/main/java/masquerade/substratum/util/Helper.java

@@ -1,15 +1,28 @@
 package masquerade.substratum.util;
 
+import android.app.PendingIntent;
 import android.content.BroadcastReceiver;
 import android.content.Context;
 import android.content.Intent;
 import android.os.Handler;
+import android.text.TextUtils;
 import android.util.Log;
 
 public class Helper extends BroadcastReceiver {
 
+    private static final String SUBSTRATUM_PACKAGE = "projekt.substratum";
+    private static final String MASQUERADE_TOKEN = "masquerade_token";
+    private static final String[] AUTHORIZED_CALLERS = new String[]{
+            SUBSTRATUM_PACKAGE,
+            "masquerade.substratum"
+    };
+
     @Override
     public void onReceive(Context context, Intent intent) {
+        if (!isCallerAuthorized(intent)) {
+            Log.d("Masquerade", "Caller not authorized");
+            return;
+        }
         Log.d("Masquerade",
                 "BroadcastReceiver has accepted Substratum's commands and is running now...");
         Root.requestRootAccess();
@@ -67,4 +80,34 @@
             }
         }
     }
+
+    private boolean isCallerAuthorized(Intent intent) {
+        PendingIntent token = null;
+        try {
+            token = intent.getParcelableExtra(MASQUERADE_TOKEN);
+        } catch (Exception e) {
+            Log.d("Masquerade", "Attempt to start service without a token, unauthorized");
+        }
+        if (token == null) {
+            return false;
+        }
+        // SECOND: we got a token, validate originating package
+        // if not in our white list, return null
+        String callingPackage = token.getCreatorPackage();
+        boolean isValidPackage = false;
+        for (int i = 0; i < AUTHORIZED_CALLERS.length; i++) {
+            if (TextUtils.equals(callingPackage, AUTHORIZED_CALLERS[i])) {
+                Log.d("Masquerade", callingPackage
+                        + " is an authorized calling package, next validate calling package perms");
+                isValidPackage = true;
+                break;
+            }
+        }
+        if (!isValidPackage) {
+            Log.d("Masquerade", callingPackage
+                    + " is not an authorized calling package");
+            return false;
+        }
+        return true;
+    }
 }
\ No newline at end of file