b23716810173a7656f3613f07eb88e4ef8ec9e76 - SHIFTPHONES/android_frameworks_base

commit	b23716810173a7656f3613f07eb88e4ef8ec9e76	[log] [tgz]
author	Tetiana Meronyk <tetianameronyk@google.com>	Wed Jan 10 16:25:13 2024 +0000
committer	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	Thu Feb 08 05:20:24 2024 +0000
tree	87d1636e345eac6bf26b9b223b581553c5b77cdb
parent	a6e78a34bfacb1ac4dc53dd8efad256ddf464086 [diff]

Fix security vulnerability that creates user with no restrictions when accountOptions are too long.

Bug: 293602970
Test: atest UserManagerTest#testAddUserAccountData_validStringValuesAreSaved_validBundleIsSaved && atest UserManagerTest#testAddUserAccountData_invalidStringValuesAreTruncated_invalidBundleIsDropped
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8dc6feaee7c0a5cea093b5280acaad862921cf3e)
Merged-In: I23c971f671546ac085060add89485cfac6691ca3
Change-Id: I23c971f671546ac085060add89485cfac6691ca3

core/java/android/os/PersistableBundle.java[diff]
core/java/android/os/UserManager.java[diff]
core/java/com/android/internal/app/ConfirmUserCreationActivity.java[diff]
services/core/java/com/android/server/pm/UserManagerService.java[diff]
services/tests/servicestests/src/com/android/server/pm/UserManagerTest.java[diff]

5 files changed