From 762b357ec94aef3e7ee6f991c553aa950840a8bc Mon Sep 17 00:00:00 2001 From: Yorke Lee Date: Fri, 18 Sep 2015 12:54:59 -0700 Subject: Protect against more Telecom privileged operations Make sure that all invocations of TelecomManager methods that could possibly require a permission are protected by a permission check. Some of these are overcautious - for example, the UI should never show the option to return to a call (READ_PHONE_STATE) if we didn't detect an active call (READ_PHONE_STATE) in the first place, so it is not strictly necessary to protect against the former. But not crashing is the most preferable of all options. Bug: 20266292 Change-Id: Id91dd16e34320a5e607f91dbce9a4296025eeaaf --- src/com/android/dialer/SpecialCharSequenceMgr.java | 24 +++++++++------------- 1 file changed, 10 insertions(+), 14 deletions(-) (limited to 'src/com/android/dialer/SpecialCharSequenceMgr.java') diff --git a/src/com/android/dialer/SpecialCharSequenceMgr.java b/src/com/android/dialer/SpecialCharSequenceMgr.java index 31aa5c3c7..994829a50 100644 --- a/src/com/android/dialer/SpecialCharSequenceMgr.java +++ b/src/com/android/dialer/SpecialCharSequenceMgr.java @@ -32,7 +32,6 @@ import android.os.Looper; import android.provider.Settings; import android.telecom.PhoneAccount; import android.telecom.PhoneAccountHandle; -import android.telecom.TelecomManager; import android.telephony.PhoneNumberUtils; import android.telephony.TelephonyManager; import android.text.TextUtils; @@ -48,7 +47,6 @@ import com.android.contacts.common.widget.SelectPhoneAccountDialogFragment.Selec import com.android.dialer.calllog.PhoneAccountUtils; import com.android.dialer.util.TelecomUtil; -import java.util.Arrays; import java.util.ArrayList; import java.util.List; @@ -91,13 +89,13 @@ public class SpecialCharSequenceMgr { private static QueryHandler sPreviousAdnQueryHandler; public static class HandleAdnEntryAccountSelectedCallback extends SelectPhoneAccountListener{ - final private TelecomManager mTelecomManager; + final private Context mContext; final private QueryHandler mQueryHandler; final private SimContactQueryCookie mCookie; - public HandleAdnEntryAccountSelectedCallback(TelecomManager telecomManager, + public HandleAdnEntryAccountSelectedCallback(Context context, QueryHandler queryHandler, SimContactQueryCookie cookie) { - mTelecomManager = telecomManager; + mContext = context; mQueryHandler = queryHandler; mCookie = cookie; } @@ -105,7 +103,7 @@ public class SpecialCharSequenceMgr { @Override public void onPhoneAccountSelected(PhoneAccountHandle selectedAccountHandle, boolean setDefault) { - Uri uri = mTelecomManager.getAdnUriForPhoneAccount(selectedAccountHandle); + Uri uri = TelecomUtil.getAdnUriForPhoneAccount(mContext, selectedAccountHandle); handleAdnQuery(mQueryHandler, mCookie, uri); // TODO: Show error dialog if result isn't valid. } @@ -193,6 +191,7 @@ public class SpecialCharSequenceMgr { * and query cancel handler implemented in {@link SimContactQueryCookie}. */ static boolean handleAdnEntry(Context context, String input, EditText textField) { + context = context.getApplicationContext(); /* ADN entries are of the form "N(N)(N)#" */ TelephonyManager telephonyManager = (TelephonyManager) context.getSystemService(Context.TELEPHONY_SERVICE); @@ -245,20 +244,19 @@ public class SpecialCharSequenceMgr { sc.progressDialog.getWindow().addFlags( WindowManager.LayoutParams.FLAG_BLUR_BEHIND); - final TelecomManager telecomManager = - (TelecomManager) context.getSystemService(Context.TELECOM_SERVICE); List subscriptionAccountHandles = PhoneAccountUtils.getSubscriptionPhoneAccounts(context); boolean hasUserSelectedDefault = subscriptionAccountHandles.contains( - telecomManager.getDefaultOutgoingPhoneAccount(PhoneAccount.SCHEME_TEL)); + TelecomUtil.getDefaultOutgoingPhoneAccount(context, + PhoneAccount.SCHEME_TEL)); if (subscriptionAccountHandles.size() == 1 || hasUserSelectedDefault) { - Uri uri = telecomManager.getAdnUriForPhoneAccount(null); + Uri uri = TelecomUtil.getAdnUriForPhoneAccount(context, null); handleAdnQuery(handler, sc, uri); } else if (subscriptionAccountHandles.size() > 1){ SelectPhoneAccountListener callback = - new HandleAdnEntryAccountSelectedCallback(telecomManager, handler, sc); + new HandleAdnEntryAccountSelectedCallback(context, handler, sc); DialogFragment dialogFragment = SelectPhoneAccountDialogFragment.newInstance( subscriptionAccountHandles, callback); @@ -299,12 +297,10 @@ public class SpecialCharSequenceMgr { static boolean handlePinEntry(final Context context, final String input) { if ((input.startsWith("**04") || input.startsWith("**05")) && input.endsWith("#")) { - final TelecomManager telecomManager = - (TelecomManager) context.getSystemService(Context.TELECOM_SERVICE); List subscriptionAccountHandles = PhoneAccountUtils.getSubscriptionPhoneAccounts(context); boolean hasUserSelectedDefault = subscriptionAccountHandles.contains( - telecomManager.getDefaultOutgoingPhoneAccount(PhoneAccount.SCHEME_TEL)); + TelecomUtil.getDefaultOutgoingPhoneAccount(context, PhoneAccount.SCHEME_TEL)); if (subscriptionAccountHandles.size() == 1 || hasUserSelectedDefault) { // Don't bring up the dialog for single-SIM or if the default outgoing account is -- cgit v1.2.3