Go to file
Rohan Shah 9046b84805 Limit account id and id to longs
The security issue occurs because id is allowed to be an arbitrary
path instead of being limited to what it is -- a long. Both id
and account id are now parsed into longs (and if either fails, an
error will be logged and null will be returned).

Tested/verified error is logged using the reported attack.

BUG=30745403

Change-Id: Ia21418545bbaeb96fb5ab6c3f4e71858e57b8684
(cherry picked from commit 9794d7e8216138adf143a3b6faf3d5683316a662)
2016-08-25 21:56:27 -07:00
assets Remove empty.html, which isn't used any more. 2010-12-22 11:59:31 -08:00
emailcommon Merge "Add analytics to track of what cipher suites are being used" into ub-gmail-ur14-dev 2014-10-24 19:34:10 +00:00
provider_src/com/android/email Limit account id and id to longs 2016-08-25 21:56:27 -07:00
res Import translations. DO NOT MERGE 2015-07-11 09:50:40 -07:00
src/com Don't allow cachedFile Attachments if the content Uri is pointing to EmailProvider. 2016-03-25 17:48:04 -07:00
tests Old paper clip asset is removed, which touches a test case here. 2014-09-22 14:00:00 -07:00
.classpath Initial Contribution 2008-10-21 07:00:00 -07:00
.project Initial Contribution 2008-10-21 07:00:00 -07:00
Android.mk Use $(SUPPORT_LIBRARY_ROOT) to reference support library resource dir. 2015-05-19 16:10:17 -07:00
AndroidManifest.xml stop exporting EmailAccountCacheProvider 2016-07-21 17:35:18 -07:00
CleanSpec.mk Remove unused resource directories 2013-09-06 10:23:02 -07:00
MODULE_LICENSE_APACHE2 auto import from //depot/cupcake/@135843 2009-03-03 19:32:22 -08:00
NOTICE auto import from //depot/cupcake/@135843 2009-03-03 19:32:22 -08:00
proguard-test.flags Fix proguard rule 2014-08-06 00:41:47 -07:00
proguard.flags -keepclasses is not a proguard option 2014-12-22 17:11:04 +01:00