diff options
| author | Jeff Sharkey <jsharkey@android.com> | 2020-10-06 11:18:09 -0600 |
|---|---|---|
| committer | Jeff Sharkey <jsharkey@android.com> | 2020-10-06 11:18:09 -0600 |
| commit | 2d2e07e2ff43a13bf039fa755e5069849b5a8c51 (patch) | |
| tree | 19ac12f8732b1ed31cfef385391f24d2aa20c72e /core/java/android/permission/PermissionControllerManager.java | |
| parent | a3e52bf4e492786d3937d8926ea447e310f6ec98 (diff) | |
Tighten up Binder.clearCallingIdentity() usage.
The recently added AndroidFrameworkBinderIdentity Error Prone checker
examines code to ensure that any cleared identities are restored to
avoid obscure security vulnerabilities.
This change is a purely mechanical refactoring that adds the "final"
keyword to the cleared identity to ensure that it's not accidentally
modified before eventually being cleared. Here's the exact command
used to generate this CL:
$ find . -name "*.java" -exec sed -Ei \
's/ (long \w+ = .+?clearCallingIdentity)/ final \1/' \
{} \;
Bug: 155703208
Test: make
Exempt-From-Owner-Approval: trivial refactoring
Change-Id: I832c9d70c3dfcd8d669cf71939d97837becc973a
Diffstat (limited to 'core/java/android/permission/PermissionControllerManager.java')
| -rw-r--r-- | core/java/android/permission/PermissionControllerManager.java | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/core/java/android/permission/PermissionControllerManager.java b/core/java/android/permission/PermissionControllerManager.java index 17a78a8f301e..d6c95db95e85 100644 --- a/core/java/android/permission/PermissionControllerManager.java +++ b/core/java/android/permission/PermissionControllerManager.java @@ -308,7 +308,7 @@ public final class PermissionControllerManager { revokeRuntimePermissionsResult); return revokeRuntimePermissionsResult; }).whenCompleteAsync((revoked, err) -> { - long token = Binder.clearCallingIdentity(); + final long token = Binder.clearCallingIdentity(); try { if (err != null) { Log.e(TAG, "Failure when revoking runtime permissions " + revoked, err); @@ -358,7 +358,7 @@ public final class PermissionControllerManager { setRuntimePermissionGrantStateResult); return setRuntimePermissionGrantStateResult; }).whenCompleteAsync((setRuntimePermissionGrantStateResult, err) -> { - long token = Binder.clearCallingIdentity(); + final long token = Binder.clearCallingIdentity(); try { if (err != null) { Log.e(TAG, "Error setting permissions state for device admin " + packageName, @@ -477,7 +477,7 @@ public final class PermissionControllerManager { applyStagedRuntimePermissionBackupResult); return applyStagedRuntimePermissionBackupResult; }).whenCompleteAsync((applyStagedRuntimePermissionBackupResult, err) -> { - long token = Binder.clearCallingIdentity(); + final long token = Binder.clearCallingIdentity(); try { if (err != null) { Log.e(TAG, "Error restoring delayed permissions for " + packageName, err); @@ -623,7 +623,7 @@ public final class PermissionControllerManager { Log.e(TAG, "Error getting permission usages", err); callback.onPermissionUsageResult(Collections.emptyList()); } else { - long token = Binder.clearCallingIdentity(); + final long token = Binder.clearCallingIdentity(); try { callback.onPermissionUsageResult( CollectionUtils.emptyIfNull(getPermissionUsagesResult)); |