From fab2f0fddbf28cf3ed8608ab9053b2c985d241f7 Mon Sep 17 00:00:00 2001 From: Bryan Ferris Date: Fri, 6 Sep 2019 11:17:05 -0700 Subject: Require unlock for custom SMS dialog Currently when a call is recieved there is an option to write a custom text message in response to the call. This could allow an attacker to imporsonate the user. With this change devices that have a lock screen set will require that the pattern/pin/password be entered before a custom message can be written. This is a cherry-pick from the Pixel dialer. The original commit can be found at cl/257702865 Bug: b/137102479 Test: Call phone running the modified dialer and attempt to send a custom message Change-Id: Ib6822436bcebc799e7e920f1a5898d107dd619db --- .../incallui/answer/impl/AnswerFragment.java | 49 ++++++++++++++++++++-- 1 file changed, 46 insertions(+), 3 deletions(-) diff --git a/java/com/android/incallui/answer/impl/AnswerFragment.java b/java/com/android/incallui/answer/impl/AnswerFragment.java index 8d8b08791..2405b8edd 100644 --- a/java/com/android/incallui/answer/impl/AnswerFragment.java +++ b/java/com/android/incallui/answer/impl/AnswerFragment.java @@ -22,10 +22,15 @@ import android.animation.AnimatorListenerAdapter; import android.animation.AnimatorSet; import android.animation.ObjectAnimator; import android.annotation.SuppressLint; +import android.annotation.TargetApi; +import android.app.KeyguardManager; +import android.app.KeyguardManager.KeyguardDismissCallback; import android.content.Context; import android.content.pm.PackageManager; import android.location.Location; import android.net.Uri; +import android.os.Build.VERSION; +import android.os.Build.VERSION_CODES; import android.os.Bundle; import android.os.Handler; import android.os.Looper; @@ -1052,14 +1057,47 @@ public class AnswerFragment extends Fragment } @Override + @TargetApi(VERSION_CODES.O) public void smsSelected(@Nullable CharSequence text) { LogUtil.i("AnswerFragment.smsSelected", null); textResponsesFragment = null; if (text == null) { - createCustomSmsDialogFragment = CreateCustomSmsDialogFragment.newInstance(); - createCustomSmsDialogFragment.show(getChildFragmentManager(), null); - return; + if (VERSION.SDK_INT < VERSION_CODES.O) { + LogUtil.i("AnswerFragment.smsSelected", "below O, showing dialog directly"); + showCustomSmsDialog(); + return; + } + if (!getContext().getSystemService(KeyguardManager.class).isKeyguardLocked()) { + LogUtil.i("AnswerFragment.smsSelected", "not locked, showing dialog directly"); + showCustomSmsDialog(); + return; + } + + // Show the custom reply dialog only after device is unlocked, as it may cause impersonation + // see b/137134588 + LogUtil.i("AnswerFragment.smsSelected", "dismissing keyguard"); + getContext() + .getSystemService(KeyguardManager.class) + .requestDismissKeyguard( + getActivity(), + new KeyguardDismissCallback() { + @Override + public void onDismissCancelled() { + LogUtil.i("AnswerFragment.smsSelected", "onDismissCancelled"); + } + + @Override + public void onDismissError() { + LogUtil.i("AnswerFragment.smsSelected", "onDismissError"); + } + + @Override + public void onDismissSucceeded() { + LogUtil.i("AnswerFragment.smsSelected", "onDismissSucceeded"); + showCustomSmsDialog(); + } + });return; } if (primaryCallState != null && canRejectCallWithSms()) { @@ -1068,6 +1106,11 @@ public class AnswerFragment extends Fragment } } + private void showCustomSmsDialog() { + createCustomSmsDialogFragment = CreateCustomSmsDialogFragment.newInstance(); + createCustomSmsDialogFragment.showNow(getChildFragmentManager(), null); + } + @Override public void smsDismissed() { LogUtil.i("AnswerFragment.smsDismissed", null); -- cgit v1.2.3