ADHOC
/
replicant-packages_apps_Email
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
14,180 Commits 2 Branches 0 Tags 45 MiB
Java 99.6%
Makefile 0.3%
HTML 0.1%
Go to file
Rohan Shah a549245b2f Limit account id and id to longs 
The security issue occurs because id is allowed to be an arbitrary
path instead of being limited to what it is -- a long. Both id
and account id are now parsed into longs (and if either fails, an
error will be logged and null will be returned).

Tested/verified error is logged using the reported attack.

BUG=30745403

Change-Id: Ia21418545bbaeb96fb5ab6c3f4e71858e57b8684
(cherry picked from commit 9794d7e8216138adf143a3b6faf3d5683316a662)
 		2016-08-26 16:22:04 -07:00
assets Remove empty.html, which isn't used any more. 2010-12-22 11:59:31 -08:00
emailcommon Merge "Add analytics to track of what cipher suites are being used" into ub-gmail-ur14-dev 2014-10-24 19:34:10 +00:00
provider_src/com/android/email Limit account id and id to longs 2016-08-26 16:22:04 -07:00
res Import translations. DO NOT MERGE 2015-07-11 09:50:40 -07:00
src/com Don't allow cachedFile Attachments if the content Uri is pointing to EmailProvider. 2016-03-25 17:48:04 -07:00
tests Old paper clip asset is removed, which touches a test case here. 2014-09-22 14:00:00 -07:00
.classpath
.project
Android.mk Use $(SUPPORT_LIBRARY_ROOT) to reference support library resource dir. 2015-05-19 16:10:17 -07:00
AndroidManifest.xml stop exporting EmailAccountCacheProvider 2016-08-16 15:52:37 -07:00
CleanSpec.mk Remove unused resource directories 2013-09-06 10:23:02 -07:00
MODULE_LICENSE_APACHE2
NOTICE
proguard-test.flags Fix proguard rule 2014-08-06 00:41:47 -07:00
proguard.flags -keepclasses is not a proguard option 2014-12-22 17:11:04 +01:00