drgreen/android_frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

am e339464f: am 1bcb6658: Merge "Fix issue #2834005: Android Settings.Secure bypass" into froyo

Browse Source 
Merge commit 'e339464f1c8efe7e53b761cf44ff5be6e537ecad' into gingerbread-plus-aosp

* commit 'e339464f1c8efe7e53b761cf44ff5be6e537ecad':
  Fix issue #2834005: Android Settings.Secure bypass
This commit is contained in:
Dianne Hackborn
2010-07-12 19:08:47 -07:00
committed by Android Git Automerger
parent 6ba9e6fbef e339464f1c
commit b0e787d2d6
2 changed files with 28 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
packages/SettingsProvider/src/com/android/providers/settings/DatabaseHelper.java
View File

@ -49,6 +49,7 @@ import org.xmlpull.v1.XmlPullParser;
import org.xmlpull.v1.XmlPullParserException;
import java.io.IOException;
import java.util.HashSet;
import java.util.List;
/**
@ -67,11 +68,29 @@ public class DatabaseHelper extends SQLiteOpenHelper {
private Context mContext;
private static final HashSet<String> mValidTables = new HashSet<String>();
static {
mValidTables.add("system");
mValidTables.add("secure");
mValidTables.add("bluetooth_devices");
mValidTables.add("bookmarks");
// These are old.
mValidTables.add("favorites");
mValidTables.add("gservices");
mValidTables.add("old_favorites");
}
public DatabaseHelper(Context context) {
super(context, DATABASE_NAME, null, DATABASE_VERSION);
mContext = context;
}
public static boolean isValidTable(String name) {
return mValidTables.contains(name);
}
private void createSecureTable(SQLiteDatabase db) {
db.execSQL("CREATE TABLE secure (" +
"_id INTEGER PRIMARY KEY AUTOINCREMENT," +

9
packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java
View File

@ -83,6 +83,9 @@ public class SettingsProvider extends ContentProvider {
SqlArguments(Uri url, String where, String[] args) {
if (url.getPathSegments().size() == 1) {
this.table = url.getPathSegments().get(0);
if (!DatabaseHelper.isValidTable(this.table)) {
throw new IllegalArgumentException("Bad root path: " + this.table);
}
this.where = where;
this.args = args;
} else if (url.getPathSegments().size() != 2) {
@ -91,6 +94,9 @@ public class SettingsProvider extends ContentProvider {
throw new UnsupportedOperationException("WHERE clause not supported: " + url);
} else {
this.table = url.getPathSegments().get(0);
if (!DatabaseHelper.isValidTable(this.table)) {
throw new IllegalArgumentException("Bad root path: " + this.table);
}
if ("system".equals(this.table) || "secure".equals(this.table)) {
this.where = Settings.NameValueTable.NAME + "=?";
this.args = new String[] { url.getPathSegments().get(1) };
@ -105,6 +111,9 @@ public class SettingsProvider extends ContentProvider {
SqlArguments(Uri url) {
if (url.getPathSegments().size() == 1) {
this.table = url.getPathSegments().get(0);
if (!DatabaseHelper.isValidTable(this.table)) {
throw new IllegalArgumentException("Bad root path: " + this.table);
}
this.where = null;
this.args = null;
} else {