Add ComponentName explicitly to make sure arbitary intents aren't launched from Settings.

Bug: 378902342
Flag: EXEMPT security fix
(cherry picked from commit 6a896b6b26d445800773e1b4649895bea17eac1f)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:947f4571bcd7aef74fd70d533fa26e06e088dab3)
Merged-In: I0e67f1258cb427c5b998e40a8a0c104af3ead042
Change-Id: I0e67f1258cb427c5b998e40a8a0c104af3ead042

1 files changed, 8 insertions, 1 deletions

diff --git a/src/com/android/settings/accounts/AccountTypePreferenceLoader.java b/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
index 7cfeb1cc193..a90bea09747 100644
--- a/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
+++ b/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
@@ -264,7 +264,14 @@ public class AccountTypePreferenceLoader {
         try {
             // Allows to launch only authenticator owned activities.
             ApplicationInfo authenticatorAppInf = pm.getApplicationInfo(authDesc.packageName, 0);
-            return resolvedAppInfo.uid == authenticatorAppInf.uid;
+            if (resolvedAppInfo.uid == authenticatorAppInf.uid) {
+                // Explicitly set the component to be same as authenticator to
+                // prevent launching arbitrary activities.
+                intent.setComponent(resolvedActivityInfo.getComponentName());
+                return true;
+            } else {
+                return false;
+            }
         } catch (NameNotFoundException e) {
             Log.e(TAG,
                 "Intent considered unsafe due to exception.",