Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

November Patches #1

Open
wants to merge 4 commits into
base: 12.1
Choose a base branch
from
Open

Conversation

OhMyVenyx
Copy link

No description provided.

Thomas Stuart and others added 4 commits November 13, 2022 14:11
It was shown that given a large phoneAccountHandles that are
over 1 mb, a TransactionTooLarge exception can be silently thrown
causing an empty list to be returned.

In order to prevent this behavior, all Lists that return a
PhoneAccountHandle or PhoneAccount have been switched to
ParceledListSlice.

bug: 236263294
Test: atest android.telecom.cts.PhoneAccountRegistrarTest
             #testRegisterPhoneAccountHandleWithFieldOverLimit
Change-Id: Ibc3814dabd59cf9f0f9505b88f2146a4c3c5e015
Merged-In: Ibc3814dabd59cf9f0f9505b88f2146a4c3c5e015
(cherry picked from commit deec8016b2dd8328e06ea506f69292a73da5186e)
Merged-In: Ibc3814dabd59cf9f0f9505b88f2146a4c3c5e015
Fix security vulnerability issue for multi user call redirections.

Currently we won't check if the PhoneAccountHandle provided by a
CallRedirectionService has multi-user capability or belong to the same
user as the current user. Add the check and disconnect the call if this
is an unexpected cross-user call redirection.

Bug: 235098883
Test: CallsManagerTest, manual test with test app provided in
b/235098883.

Change-Id: Ia8b9468aa2bb8e3157c227e2617ff6a52e0af119
Merged-In: Ia8b9468aa2bb8e3157c227e2617ff6a52e0af119
(cherry picked from commit f29ab7e1ec0e480e2d39d289d5aa3fc95aed2142)
(cherry picked from commit 6b0e9b46adcb7af1fcc19a92fc887e1b6ee19921)
Merged-In: Ia8b9468aa2bb8e3157c227e2617ff6a52e0af119
Hide any system alert window overlays when the screen that lets the user
enable/disable phone accounts is shown.

Test: Manual test with overlay shown from test app; verify that the overlay
is hidden when the phone account selection screen is opened.
Bug: 246933359

Change-Id: Ia0209d57ee9a672cde4196076845d77941dc3f68
(cherry picked from commit a7d57ace5819c4eef340aaf6744ad441d0369035)
Merged-In: Ia0209d57ee9a672cde4196076845d77941dc3f68
Currently if the registered self-managed phone account updated to a call
provider phone account, the enable state will be directly copied to the
updated one so that malicious app can perform call spoofing attack
without any permission requirements. Fix this by disallowing change a
self-managed phone account to a managed phone account.

Bug: 246930197
Test: CtsTelecomTestCases:SelfManagedConnectionSreviceTest
Change-Id: I8f7984cd491632b3219133044438b82ca4dec80e
Merged-In: I8f7984cd491632b3219133044438b82ca4dec80e
(cherry picked from commit 833dd8480adc773e36d388521a14fd8cd11d6a30)
Merged-In: I8f7984cd491632b3219133044438b82ca4dec80e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant