When reading from the parcel, if the number of colors is invalid, early
exit.
Add two more checks: setInfo must return true, and Parcel::readInplace
must return non-NULL. The former ensures that the previously read values
(width, height, etc) were valid, and the latter checks that the Parcel
had enough data even if the number of colors was reasonable.
Also use an auto-deleter to handle deletion of the SkBitmap.
Cherry pick from change-Id: Icbd562d6d1f131a723724883fd31822d337cf5a6
BUG=19666945
Change-Id: Iab0d218c41ae0c39606e333e44cda078eef32291
AccessibilityNodeInfo refresh was getting the latest cached
state but this is not good enough as an accessibility service
can execute an action on the node and then refresh it to get
the new state.
bug:16954787
Change-Id: I004b4987b8dc423a2ab7031a4fbfe64365ddd7fe
(cherry picked from commit 5738fec00db65e0ee246475a7236e57ba3ee8d55)
Due to a bug caught late in the release, this API is broken
and should be removed from API 22 because it's too late for
a fix and there's no workaround.
Bug 19461292
Change-Id: Ib0757a4484b14afe7f83ae9527bb3f5f4834ee62
A security leak was discovered whereby a malicious app could get the
IActivityContainer object from one app and use it to inject events
into another app. This fix removes the availability of the
IActivityContainer and replaces its one use with a method for
returning the information the IActivityContainer was used for.
Fixes bug 19394591.
Change-Id: Ib3cec25b25130cd8e098892c057742cfd575cfdd
Path can be null if sd card was ejected, and we shouldn't make a thumbnail
in that case.
Bug: 19380821
Change-Id: Iee69effdd321622de026ad7b57c74cf9da81a176
A security leak was discovered whereby a malicious app could get the
IActivityContainer object from one app and use it to inject events
into another app. This fix removes the availability of the
IActivityContainer and replaces its one use with a method for
returning the information the IActivityContainer was used for.
Fixes bug 19394591.
Change-Id: Ib3cec25b25130cd8e098892c057742cfd575cfdd
The GL layer gets exclusive use of the direct producer dimensions;
we should only set the user dimensions.
Bug: 16404608
Change-Id: Ie5b720104bdbee6b096b62520baa1c6b518c6c1c
When updating the RegisteredServicesCache, don't remove any packages
that are not in the list of modified packages.
Bug: 19228972
Change-Id: Id4f264403b7ceca9005854dfbbc25abfd7b54889
The special logic for clicking on views in accessibility mode should not
prevent event interception and if a view interceptes the gesture we must
clear the special flag and do normal event dispatch. Also once we have a
view handling the touch gesture we do not need the special flag as we
know what will handle the event. This tightly follows standard event
dispatching.
bug:19252492
Change-Id: I0c9764c5050ec73f5f7980f3f0340dd9509a725a
A view that has an accessibility node provider should not have real children
since the provider is responsible to generate the node infos for the subtree
rooted at its hosting view. This is how the APIs are designed to work. However,
it is a common mistake and if this occurs the accessibility services
introspecting the screen get into an infinite loop.
The framework now does not add the real children of a view with a node provider
to the list of accessibility children. If the developer wants them exposed they
have to do that via the provider APIs as per contract.
bug:19297093
Change-Id: I1b01b1e4a85e1c397886fcd2506b434beb063687
The clicking logic was missing the case where a child of the accessibility
focused view reacts to the injected down up events for clicking. This
results of a whole class of views being non-interactive. Now if an event
is targeting accessibility focus and the dispatching view group has this
focus, we clear the flag before dispatching to children, so they can
handle the event rather ignoring it becuase they are not accessibility
focused.
bug:19252492
Change-Id: I6ac25bb7a50b35bb638ca4bfb9fc4198d08c2d4d
