From 572ec3c5a1dbcd5858939d629a75f147dc10dccb Mon Sep 17 00:00:00 2001
From: Yorke Lee
Date: Mon, 13 Jul 2015 12:11:58 -0700
Subject: Fix SecurityException in DefaultVoicemailNotifier
Protect querying of ContentResolvers with the relevant permission checks. Check the correct permission in onHandleIntent of CallLogNotificationsService.
Bug: 22436465
Change-Id: I7fed82545b10921c1a935f903a466d8894d7b7f1
---
 .../calllog/CallLogNotificationsService.java | 2 +-
 .../dialer/calllog/DefaultVoicemailNotifier.java | 34 +++++++++++++++++-----
 2 files changed, 27 insertions(+), 9 deletions(-)
(limited to 'src/com')
diff --git a/src/com/android/dialer/calllog/CallLogNotificationsService.java b/src/com/android/dialer/calllog/CallLogNotificationsService.java
index 9f48b0969..9a67b61b6 100644
--- a/src/com/android/dialer/calllog/CallLogNotificationsService.java
+++ b/src/com/android/dialer/calllog/CallLogNotificationsService.java
@@ -79,7 +79,7 @@ public class CallLogNotificationsService extends IntentService {
 return;
 }
- if (!PermissionsUtil.hasPhonePermissions(this)) {
+ if (!PermissionsUtil.hasPermission(this, android.Manifest.permission.READ_CALL_LOG)) {
 return;
 }
diff --git a/src/com/android/dialer/calllog/DefaultVoicemailNotifier.java b/src/com/android/dialer/calllog/DefaultVoicemailNotifier.java
index 3d6eb0b87..d0553b4ac 100644
--- a/src/com/android/dialer/calllog/DefaultVoicemailNotifier.java
+++ b/src/com/android/dialer/calllog/DefaultVoicemailNotifier.java
@@ -16,6 +16,9 @@
 package com.android.dialer.calllog;
+import static android.Manifest.permission.READ_CALL_LOG;
+import static android.Manifest.permission.READ_CONTACTS;
+
 import android.app.Notification;
 import android.app.NotificationManager;
 import android.app.PendingIntent;
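Review bot: The corrected guard in onHandleIntent still returns without logging when READ_CALL_LOG is missing, while the checks this commit adds to DefaultVoicemailNotifier log a warning before bailing out, so a dropped intent leaves no trace when someone debugs a missing voicemail notification. Consider adding `Log.w(TAG, "No READ_CALL_LOG permission, ignoring intent.");` before the `return;` (assuming the class has a TAG constant, which this hunk does not show). The permission is written as `android.Manifest.permission.READ_CALL_LOG` here but statically imported in DefaultVoicemailNotifier; one form across both files would read better. onHandleIntent continues outside the hunk, so if any action handled below this check writes to the call log, confirm that a read-only permission is the right gate for that path.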
@@ -32,6 +35,7 @@ import android.text.TextUtils;
 import android.util.Log;
 import com.android.common.io.MoreCloseables;
+import com.android.contacts.common.util.PermissionsUtil;
 import com.android.dialer.DialtactsActivity;
 import com.android.dialer.R;
 import com.android.dialer.calllog.PhoneAccountUtils;
@@ -66,8 +70,8 @@ public class DefaultVoicemailNotifier {
 (NotificationManager) context.getSystemService(Context.NOTIFICATION_SERVICE);
 ContentResolver contentResolver = context.getContentResolver();
 sInstance = new DefaultVoicemailNotifier(context, notificationManager,
- createNewCallsQuery(contentResolver),
- createNameLookupQuery(contentResolver));
+ createNewCallsQuery(context, contentResolver),
+ createNameLookupQuery(context, contentResolver));
 }
 return sInstance;
 }
@@ -243,8 +247,9 @@ public class DefaultVoicemailNotifier {
 }
 /** Create a new instance of {@link NewCallsQuery}. */
- public static NewCallsQuery createNewCallsQuery(ContentResolver contentResolver) {
- return new DefaultNewCallsQuery(contentResolver);
+ public static NewCallsQuery createNewCallsQuery(Context context,
+ ContentResolver contentResolver) {
+ return new DefaultNewCallsQuery(context.getApplicationContext(), contentResolver);
 }
 /**
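Review bot: createNewCallsQuery now takes both a Context and a ContentResolver, so the permission check in DefaultNewCallsQuery runs against one object while the query goes through the other, and nothing ties the two together; the same applies to createNameLookupQuery in the @@ -326,8 hunk. If the separate resolver is kept so that tests can inject one, the Javadoc should say so, for example `/** Create a new instance of {@link NewCallsQuery}; {@code context} is used only for the READ_CALL_LOG check. */`. Both factories are public static and change signature without an overload, so any caller outside this diff has to be updated in the same change. Storing `context.getApplicationContext()` suits an object held by the static sInstance, but the factories now throw on a null context, which the old signatures did not dereference.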
@@ -270,13 +275,19 @@ public class DefaultVoicemailNotifier {
 private static final int TRANSCRIPTION_COLUMN_INDEX = 6;
 private final ContentResolver mContentResolver;
+ private final Context mContext;
- private DefaultNewCallsQuery(ContentResolver contentResolver) {
+ private DefaultNewCallsQuery(Context context, ContentResolver contentResolver) {
+ mContext = context;
 mContentResolver = contentResolver;
 }
 @Override
 public NewCall[] query() {
+ if (!PermissionsUtil.hasPermission(mContext, READ_CALL_LOG)) {
+ Log.w(TAG, "No READ_CALL_LOG permission, returning null for calls lookup.");
+ return null;
+ }
 final String selection = String.format("%s = 1 AND %s = ?", Calls.NEW, Calls.TYPE);
 final String[] selectionArgs = new String[]{ Integer.toString(Calls.VOICEMAIL_TYPE) };
 Cursor cursor = null;
@@ -326,8 +337,9 @@ public class DefaultVoicemailNotifier {
 }
 /** Create a new instance of {@link NameLookupQuery}. */
- public static NameLookupQuery createNameLookupQuery(ContentResolver contentResolver) {
- return new DefaultNameLookupQuery(contentResolver);
+ public static NameLookupQuery createNameLookupQuery(Context context,
+ ContentResolver contentResolver) {
+ return new DefaultNameLookupQuery(context.getApplicationContext(), contentResolver);
 }
 /**
@@ -339,13 +351,19 @@ public class DefaultVoicemailNotifier {
 private static final int DISPLAY_NAME_COLUMN_INDEX = 0;
 private final ContentResolver mContentResolver;
+ private final Context mContext;
- private DefaultNameLookupQuery(ContentResolver contentResolver) {
+ private DefaultNameLookupQuery(Context context, ContentResolver contentResolver) {
+ mContext = context;
 mContentResolver = contentResolver;
 }
 @Override
 public String query(String number) {
+ if (!PermissionsUtil.hasPermission(mContext, READ_CONTACTS)) {
+ Log.w(TAG, "No READ_CONTACTS permission, returning null for name lookup.");
+ return null;
+ }
 Cursor cursor = null;
 try {
 cursor = mContentResolver.query(
-- cgit v1.2.3
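Review bot: DefaultNewCallsQuery.query() now returns null when READ_CALL_LOG is not granted, and nothing in this hunk documents that contract or shows that callers null-check the array before iterating it; DefaultNameLookupQuery.query in the @@ -339,13 hunk does the same for READ_CONTACTS. The Javadoc on NewCallsQuery.query and NameLookupQuery.query should state that null is returned when the permission is missing, so a denied permission is a documented outcome rather than something a caller has to discover. The pre-check also does not cover a SecurityException raised by the provider itself; the try block continues outside the hunk, so confirm whether it catches one, and if not consider a `catch (SecurityException e)` that logs and returns null as well. If the name lookup runs once per new voicemail, the `Log.w` in that hunk will repeat for every entry, and a single warning per notification update would be enough.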