Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / android_frameworks_base / 637e05ee0f5077f2cda8f0defaf29baeb251ad75
commit637e05ee0f5077f2cda8f0defaf29baeb251ad75[log] [tgz]
authorFelipe Leme <felipeal@google.com>Wed Dec 06 12:09:37 2017 -0800
committerFelipe Leme <felipeal@google.com>Wed Dec 06 16:58:13 2017 -0800
tree3859db1b2445b2a388004187ab44dca601765554
parent6798bc300e311c633c90ff67ccff09f7bb679c21 [diff]
Further improvements when app forges package info for autofill:

- Dont create a session if the component is not owned by the calling UID.
- Log metrics for forged attempts.
- Avoid possible NPEs on AutofillManager when context or client is null.

Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases -t android.autofillservice.cts.VirtualContainerActivityTest#testAppCannotFakePackageName
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases

Bug: 69981710

Change-Id: I9695bc046f3eb8aeecfe44f80fd0366f68b2c635
4 files changed
tree: 3859db1b2445b2a388004187ab44dca601765554
  1. apct-tests/
  2. api/
  3. cmds/
  4. config/
  5. core/
  6. data/
  7. docs/
  8. drm/
  9. graphics/
  10. keystore/
  11. libs/
  12. location/
  13. lowpan/
  14. media/
  15. native/
  16. nfc-extras/
  17. obex/
  18. opengl/
  19. packages/
  20. proto/
  21. rs/
  22. samples/
  23. sax/
  24. services/
  25. telecomm/
  26. telephony/
  27. test-base/
  28. test-mock/
  29. test-runner/
  30. tests/
  31. tools/
  32. vr/
  33. wifi/
  34. Android.bp
  35. Android.mk
  36. CleanSpec.mk
  37. MODULE_LICENSE_APACHE2
  38. NOTICE
  39. pathmap.mk
  40. PREUPLOAD.cfg