ADHOC/replicant-packages_apps_Email
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
9046b84805
replicant-packages_apps_Email/provider_src/com/android/email
History
Rohan Shah 9046b84805 Limit account id and id to longs 
The security issue occurs because id is allowed to be an arbitrary
path instead of being limited to what it is -- a long. Both id
and account id are now parsed into longs (and if either fails, an
error will be logged and null will be returned).

Tested/verified error is logged using the reported attack.

BUG=30745403

Change-Id: Ia21418545bbaeb96fb5ab6c3f4e71858e57b8684
(cherry picked from commit 9794d7e8216138adf143a3b6faf3d5683316a662)
2016-08-25 21:56:27 -07:00
..
activity/setup
mail Add additional analytics regarding our SSLSockets 2014-10-24 14:46:33 -07:00
provider Limit account id and id to longs 2016-08-25 21:56:27 -07:00
service Merge "Resend notifications when Accounts are changed" into ub-gmail-ur14-dev 2014-10-15 12:38:35 +00:00
setup
AttachmentInfo.java
DebugUtils.java
EmailConnectivityManager.java
EmailIntentService.java
FixedLengthInputStream.java
LegacyConversions.java
NotificationController.java
NotificationControllerCreator.java
NotificationControllerCreatorHolder.java
PeekableInputStream.java
Preferences.java
ResourceHelper.java
SecurityPolicy.java Don't allow disabling of the camera with managed profiles 2014-09-25 13:48:11 -07:00