diff options
| author | Michael Groover <mpgroover@google.com> | 2021-03-03 17:48:18 -0800 |
|---|---|---|
| committer | Michael Groover <mpgroover@google.com> | 2021-03-04 20:49:22 -0800 |
| commit | c200ac8d6b282ac950894e616d462feb8ebfe8b0 (patch) | |
| tree | bfa0c8b395d2d002cbcfe9d4d6dad1db475c6117 /core/java/android/content/Intent.java | |
| parent | 96a995dce0fc22b03aa882c76df0d5b03f026c09 (diff) | |
Report UnsafeIntentLaunchViolation for Intents parsed from URIs
Android 12 introduced a new StrictMode check to report an unsafe Intent
launch from an unparceled Intent; however Intents can also be delivered
and parsed from URIs. This commit updates this check to also report a
violation when an intent is launched from a parsed URI.
Bug: 181818650
Test: atest StrictModeTest
Change-Id: I51e8118c539b73848c4c2b889df8532969f54c53
Diffstat (limited to 'core/java/android/content/Intent.java')
| -rw-r--r-- | core/java/android/content/Intent.java | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/core/java/android/content/Intent.java b/core/java/android/content/Intent.java index d352b273f882..de17fda82d71 100644 --- a/core/java/android/content/Intent.java +++ b/core/java/android/content/Intent.java @@ -6761,6 +6761,12 @@ public class Intent implements Parcelable, Cloneable { * #putExtras(Bundle)} when the provided Bundle has not been unparceled. */ private static final int LOCAL_FLAG_UNFILTERED_EXTRAS = 1 << 3; + + /** + * Local flag indicating this instance was created from a {@link Uri}. + */ + private static final int LOCAL_FLAG_FROM_URI = 1 << 4; + // --------------------------------------------------------------------- // --------------------------------------------------------------------- // toUri() and parseUri() options. @@ -7173,6 +7179,16 @@ public class Intent implements Parcelable, Cloneable { * @see #toUri */ public static Intent parseUri(String uri, @UriFlags int flags) throws URISyntaxException { + Intent intent = parseUriInternal(uri, flags); + intent.mLocalFlags |= LOCAL_FLAG_FROM_URI; + return intent; + } + + /** + * @see #parseUri(String, int) + */ + private static Intent parseUriInternal(String uri, @UriFlags int flags) + throws URISyntaxException { int i = 0; try { final boolean androidApp = uri.startsWith("android-app:"); @@ -7392,7 +7408,9 @@ public class Intent implements Parcelable, Cloneable { } public static Intent getIntentOld(String uri) throws URISyntaxException { - return getIntentOld(uri, 0); + Intent intent = getIntentOld(uri, 0); + intent.mLocalFlags |= LOCAL_FLAG_FROM_URI; + return intent; } private static Intent getIntentOld(String uri, int flags) throws URISyntaxException { @@ -11353,6 +11371,13 @@ public class Intent implements Parcelable, Cloneable { StrictMode.onUnsafeIntentLaunch(this); } else if ((mLocalFlags & LOCAL_FLAG_UNFILTERED_EXTRAS) != 0) { StrictMode.onUnsafeIntentLaunch(this); + } else if ((mLocalFlags & LOCAL_FLAG_FROM_URI) != 0 + && !(mCategories != null && mCategories.contains(CATEGORY_BROWSABLE) + && mComponent == null)) { + // Since the docs for #URI_ALLOW_UNSAFE recommend setting the category to browsable + // for an implicit Intent parsed from a URI a violation should be reported if these + // conditions are not met. + StrictMode.onUnsafeIntentLaunch(this); } } } |