drgreen/android_frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
80,835 Commits 1 Branch 0 Tags
Commit Graph

80835 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marco Nelissen
534f3e9438 am a3337bc7: Merge "Verify certificates" into jb-dev 
* commit 'a3337bc7c3a98ec12b6dec281e26c34f82025bdd':
  Verify certificates
 2014-03-20 10:04:23 -07:00
Marco Nelissen
a3337bc7c3 Merge "Verify certificates" into jb-dev 2014-03-20 16:58:37 +00:00
Victoria Lease
183f97b72f am 1c12f9e7: malloc some advances 
* commit '1c12f9e76298c757423155ad812890d27effafe8':
  malloc some advances
 2014-03-19 14:27:19 -07:00
Victoria Lease
1c12f9e762 malloc some advances 
Bug: 13506939
Change-Id: I87ad616960c4f16bc55d8b906049dbd4f001d6a5
(cherry picked from commit 3af2a37e057b31617b8f4eeb22ac3ef85c3fd5aa)
 2014-03-18 16:22:20 +00:00
Marco Nelissen
c936d73adb Verify certificates 
b/13418320

Cherrypicked from 7e435a011dd519f76a8ec1a8ed99a22bee5c3e26
https://googleplex-android-review.git.corp.google.com/#/c/433316/

Change-Id: I39c81b1557a16c7a4666a4531a398efa91dcb00c
 2014-03-17 11:14:18 -07:00
Paul Lawrence
da37ed8b0a am b9ba0c6c: Prevent authenticators from using Settings to launch arbitrary activities. 
* commit 'b9ba0c6c43f0f7f0d5e347030e3c86a86ed74542':
  Prevent authenticators from using Settings to  launch arbitrary activities.
 2014-02-27 11:16:49 -08:00
Paul Lawrence
b9ba0c6c43 Prevent authenticators from using Settings to launch arbitrary activities. 
Various authenticator results such as getAuthToken and addAccount might
result in an Intent returned to the AccountManager caller. A malicious
authenticator could exploit the fact that the Settings are a system app,
lead the user to launch add account for their account type and thus get
Settings to use the intent to start some arbitrary third parties Activity.

The fix is to make sure that the UID of the app associated with Activity
to be launched by the supplied intent and the Authenticators UID share
the same signature.  This means that an authenticator implementer can only
exploit apps they control.

This is a backport of 5bab9daf3cf66f4de19f8757e386030e8bef23ce

Bug: 7699048
Change-Id: Ifed345c2fc20020d55fa2cab1f2f7ea509ea09b2
 2014-02-27 09:09:48 -08:00
David Christie
bc39746ee9 am 8e0c7768: DO NOT MERGE: Clear cached locations when location providers disabled Bug: 12118307 
* commit '8e0c7768c87014fef277df84c737dd6c37fb8866':
  DO NOT MERGE: Clear cached locations when location providers disabled Bug: 12118307
 2014-01-10 12:53:41 -08:00
David Christie
8e0c7768c8 DO NOT MERGE: Clear cached locations when location providers disabled 
Bug: 12118307

Change-Id: Iae668409be5c5bd715681624b2a54a4daa690932
 2014-01-06 17:57:30 -08:00
Christopher Tate
43253333d2 am 50cbfd55: System package permission decls take precedence over 3rd party apps\' 
* commit '50cbfd554f0bdf05c701d8baf15c862fbb8a6dc0':
  System package permission decls take precedence over 3rd party apps'
 2013-11-08 12:27:10 -08:00
Christopher Tate
50cbfd554f System package permission decls take precedence over 3rd party apps' 
In particular, if a 3rd party app tries to define a permission that
turns out to be defined by system packages following an upgrade,
the system package gets ownership and grants are re-evaluated
on that basis.

Bug 11242510

(Cherry-pick backport to JB)

Change-Id: Iabf7b6280e6c6674a51af5624142bd19ea0750ed
 2013-11-07 19:04:22 -08:00
Amith Yamasani
ba1ae3af76 am 42786418: Don\'t instantiate non-Fragments in Fragment.instantiate 
* commit '427864188dfc5dd803b15797379b9dc6673abd16':
  Don't instantiate non-Fragments in Fragment.instantiate
 2013-09-27 11:10:36 -07:00
Amith Yamasani
427864188d Don't instantiate non-Fragments in Fragment.instantiate 
Backport...

Fix for PreferenceActivities being invoked with non-Fragment class
names via extras in the intent. Make sure that the constructor
doesn't get called if the class name is not for a Fragment type.
Bug: 9901133
Change-Id: I227756fb4246deac796cee09077e482237bb5b0d
 2013-09-27 10:28:09 -07:00
Kenny Root
a6226a2d20 am 32c99004: Use hostname verifier directly instead of instance 
* commit '32c990044f027542a034a7606cf010dca6df252f':
  Use hostname verifier directly instead of instance
 2013-08-13 17:27:49 -07:00
Kenny Root
32c990044f Use hostname verifier directly instead of instance 
Instead of local instance of the default HostnameVerifier, use it
directly from HttpsURLConnection. This avoids class preloading creating
an instance of it before it's necessary.

(cherry picked from commit 928ee1e48fa89302d02fdf8a8a2c7315d7195e7c)

Bug: 9984058
Change-Id: I56565afa0394dc98054abbaef06ac9bfff009e56
 2013-08-13 14:13:08 -07:00
Christopher Tate
1b0c9c95dc am 81c1d8d3: Ensure install-during-restore is like install-then-restore 
* commit '81c1d8d3a5aef6a423f0bb02de1b362b2f2d12df':
  Ensure install-during-restore is like install-then-restore
 2013-05-06 14:53:10 -07:00
Christopher Tate
81c1d8d3a5 Ensure install-during-restore is like install-then-restore 
When we've installed an apk from the archive, recheck whether
to apply the system-uid policy restrictions around file system
restores.

Bug 8833099

(cherry picked from commit 2baf6dcfcf7fc1705db25e64dc0cb11fa3509d39)

Change-Id: I972fe1543f2234aa76baf562d6f806175ac0248e
 2013-05-06 14:43:05 -07:00
Nick Kralevich
f3a5323cc6 am 6d8f5b75: libdrm: fix bad strncpy / snprintf calls 
* commit '6d8f5b755b133b308204b84145d773d401cdcd52':
  libdrm: fix bad strncpy / snprintf calls
 2013-04-29 15:38:40 -07:00
Nick Kralevich
6d8f5b755b libdrm: fix bad strncpy / snprintf calls 
Fix the following bugs reported by IOActive:
* GOOGLE-AN01 - Android libdrm drm_parseDM.c Boundary-CRLF Buffer Overflow
* GOOGLE-AN02 - Android libdrm 'drm_parseDM.c' contentType-CRLF Buffer Overflow
* GOOGLE-AN03 - Android libdrm drm_parseDM.c contentID-CRLF Buffer Overflow
* GOOGLE-AN04 - Android libdrm 'parser_dcf.c' Multiple Headers Buffer Overflow
* GOOGLE-AN05 - Android libdrm 'parser_dcf.c' ContentType Buffer Overflow

Bug: 8727221

(cherry picked from commit 25619b2c6b3fd584affe20f34bfbf164a5ddbe7d)

Change-Id: I9a99c9b8a63c8b9efb3b2b650c735467b77120f2
 2013-04-29 15:31:03 -07:00
Selim Gurun
8237dd82bf am 93c39d5d: DO NOT MERGE Fix issues during backport 
* commit '93c39d5d4fe8a31da35f8d1d522acb7b676946af':
  DO NOT MERGE Fix issues during backport
 2013-04-05 12:05:52 -07:00
Selim Gurun
93c39d5d4f DO NOT MERGE Fix issues during backport 
Fix issues related to I219accd5db0c8a0e64b8aab3b049a8cee7dc168f.

Change-Id: Iacf72a9c618d59601c373de948a3f7cbfcbd7038
 2013-04-04 16:31:01 -07:00
Selim Gurun
9d47e7b6d4 am 7918cf4e: DO NOT MERGE Add a delimiter between scheme and host 
* commit '7918cf4e6b18ab1aa4dce1cb791bb88ec1f383d6':
  DO NOT MERGE Add a delimiter between scheme and host
 2013-04-04 11:08:35 -07:00
Selim Gurun
679c8f689f am 38915fd4: Revert "Add a delimiter between scheme and host" 
* commit '38915fd4d466cc233189bf5b5c11d7f03a416d35':
  Revert "Add a delimiter between scheme and host"
 2013-04-04 11:00:46 -07:00
Selim Gurun
7918cf4e6b DO NOT MERGE Add a delimiter between scheme and host 
Bug: 6923539
Change-Id: I219accd5db0c8a0e64b8aab3b049a8cee7dc168f
 2013-04-04 11:00:25 -07:00
Selim Gurun
38915fd4d4 Revert "Add a delimiter between scheme and host" 
This reverts commit aa2163dd2a7b59b284cfe8a2ff3966a1a1b0ebb8

Change-Id: I19e98182e97b8e81cabe3ff09897b82d50ce968e
 2013-04-04 17:14:29 +00:00
Selim Gurun
8225df007e am aa2163dd: Add a delimiter between scheme and host 
* commit 'aa2163dd2a7b59b284cfe8a2ff3966a1a1b0ebb8':
  Add a delimiter between scheme and host
 2013-04-03 21:05:40 -07:00
Selim Gurun
aa2163dd2a Add a delimiter between scheme and host 
Bug: 6923539
Change-Id: I49aac145e8e80a5af7475cfe93ef4a353d2d3fe6
 2013-04-01 16:04:23 -07:00
Christopher Tate
7b3ac9add8 am 0cb27e28: Validate restored file paths against their nominal domain 
* commit '0cb27e28071af59000198c8588c588a2e63cc0a3':
  Validate restored file paths against their nominal domain
 2013-03-25 14:05:47 -07:00
Christopher Tate
0cb27e2807 Validate restored file paths against their nominal domain 
Bug 8460775

(cherry picked from commit 7323765bbf13d9638cf2cc1e06113bffcdac46c4)

Change-Id: I6710503799a6df2de142a827513d5b4c107b6ec9
 2013-03-25 13:44:34 -07:00
Jeff Sharkey
bb2aa63be4 am a2e929e1: Tighten enforcement of file modes. 
* commit 'a2e929e1df62947b7967258f21fd05b27a571878':
  Tighten enforcement of file modes.
 2013-03-01 17:20:51 -08:00
Jeff Sharkey
a2e929e1df Tighten enforcement of file modes. 
Bug: 8275867
Change-Id: I4da14f2dd0049aca69636999696c1f3c02b3b792
 2013-03-01 16:17:09 -08:00
Joe Malin
d4289c6e20 am c84b3603: am 8dd6275e: Android Training: Multiple Threads 
* commit 'c84b3603fa27db68516187cea19de1e6a021152d':
  Android Training: Multiple Threads
 2012-12-19 10:33:14 -08:00
Joe Malin
c84b3603fa am 8dd6275e: Android Training: Multiple Threads 
* commit '8dd6275e2871bea1acb20cbdd98ea0451b3d5be0':
  Android Training: Multiple Threads
 2012-12-19 10:31:39 -08:00
Joe Malin
8dd6275e28 Android Training: Multiple Threads 
Change-Id: I58c472aa5ed82f6b4fb50d9bbb4e66841b9e99c3
 2012-12-19 09:47:04 -08:00
Joe Malin
cad9660fe7 am 7eef172e: am ba34f097: Android Training: Loading Data in the Background 
* commit '7eef172e9b1c4ffc97cb7b9ea4216c718a832926':
  Android Training: Loading Data in the Background
 2012-12-13 18:03:38 -08:00
Joe Malin
7eef172e9b am ba34f097: Android Training: Loading Data in the Background 
* commit 'ba34f097df278ce1861ebfecdaf634f519ba1f36':
  Android Training: Loading Data in the Background
 2012-12-13 17:58:19 -08:00
Joe Malin
ba34f097df Android Training: Loading Data in the Background 
Change-Id: Ibb469cd068068b37ea95371afb7e4dca4535ba94
 2012-12-13 17:07:53 -08:00
Joe Malin
7096a17e95 am 718c7484: am f0f5efbe: Android Training: Run in a Background Service 
* commit '718c7484cf008d45f8501ae7d0cd57b31f935934':
  Android Training: Run in a Background Service
 2012-12-13 16:16:54 -08:00
Joe Malin
718c7484cf am f0f5efbe: Android Training: Run in a Background Service 
* commit 'f0f5efbea206fd0fbac655519f3f535620ed74cc':
  Android Training: Run in a Background Service
 2012-12-13 16:15:36 -08:00
Joe Malin
f0f5efbea2 Android Training: Run in a Background Service 
Change-Id: I002af57c65eccd0a624e00ef4b1607469199ce6b
 2012-12-13 14:32:19 -08:00
Robert Greenwalt
011132a7d3 am b8da0376: Secure a handful of framework broadcasts 
* commit 'b8da0376f2d50fdb2ee58deacc6d2041689e36d1':
  Secure a handful of framework broadcasts
 2012-11-30 10:05:33 -08:00
Robert Greenwalt
b8da0376f2 Secure a handful of framework broadcasts 
At least one of these was getting spoofed in the wild.
We don't want to go too far this late in the game, but this is a good start.

bug:7622253
(cherry picked from commit 47918ae3b4e7ebb54711884e9ff9d0300591ab8b)

Conflicts:

	core/res/AndroidManifest.xml

Change-Id: I118b31489fe7add5b8d69289cab9f4e8ab269495
 2012-11-29 13:06:23 -08:00
kmccormick@google.com
d60ea46fe7 am a880436f: am b7863a3c: Merge "Doc update: new Notify User AU class" into jb-dev-docs 
* commit 'a880436f4416168d256822a23bd23f936136706d':
  Doc update: new Notify User AU class
 2012-11-27 16:54:01 -08:00
kmccormick@google.com
a880436f44 am b7863a3c: Merge "Doc update: new Notify User AU class" into jb-dev-docs 
* commit 'b7863a3ce4db964322783ff7e84acc5713e04d1d':
  Doc update: new Notify User AU class
 2012-11-27 16:52:00 -08:00
&& repo sync -j8
b7863a3ce4 Merge "Doc update: new Notify User AU class" into jb-dev-docs 2012-11-27 16:49:37 -08:00
&& repo sync -j8
0aae00051c Doc update: new Notify User AU class 
Change-Id: Idcda9535c5aa2602cf4f0aecb3ab4b1518ab966b
 2012-11-27 16:37:36 -08:00
kmccormick@google.com
7112cd4687 am 2f9947e9: am ddf10d44: Merge "Doc Update: Removed "no guaranteed delivery" line." into jb-dev-docs 
* commit '2f9947e9aa2b795dbc7db282a99a09410f1fadf2':
  Doc Update: Removed "no guaranteed delivery" line.
 2012-11-19 16:54:48 -08:00
kmccormick@google.com
2f9947e9aa am ddf10d44: Merge "Doc Update: Removed "no guaranteed delivery" line." into jb-dev-docs 
* commit 'ddf10d44c12fbd8ffb115c847913296b455f412d':
  Doc Update: Removed "no guaranteed delivery" line.
 2012-11-19 16:53:11 -08:00
&& repo sync -j8
ddf10d44c1 Merge "Doc Update: Removed "no guaranteed delivery" line." into jb-dev-docs 2012-11-19 16:51:09 -08:00
kmccormick@google.com
596d0e3881 am f53c5f36: am d1ae2721: Merge "Doc Update: Fixing images" into jb-dev-docs 
* commit 'f53c5f3683b71d232a78e04ea06649dd5e4bfee1':
  Doc Update: Fixing images
 2012-11-15 09:49:21 -08:00