0fa9328b80245e6170522bf74dbae6a33122fbcb |
|
15-Aug-2017 |
Android Build Merger (Role) <android-build-merger@google.com> |
[automerger] Fix security hole in GateKeeperResponse. am: e74cae8f7c am: b1141b6ff0 am: 1cd9e8096f am: 6dfc8d8d4d am: a3c1de7e49 am: 4acf4fabf4 am: 40317127f4 am: 159cd14334 am: 24587d57cf Change-Id: If5cad5c0f361acda25df4d90de06821d16e689c0
|
e74cae8f7c3e6b12f2bf2b75427ee8f5b53eca3c |
|
14-Jul-2017 |
Charles He <qiurui@google.com> |
Fix security hole in GateKeeperResponse. GateKeeperResponse has inconsistent writeToParcel() and createFromParcel() methods, making it possible for a malicious app to create a Bundle that changes contents after reserialization. Such Bundles can be used to execute Intents with system privileges. This CL changes writeToParcel() to make serialization and deserialization consistent, thus fixing the issue. Bug: 62998805 Test: use the debug app (see bug) Change-Id: Ie1c64172c454c3a4b7a0919eb3454f0e38efcd09
/frameworks/base/core/java/android/service/gatekeeper/GateKeeperResponse.java
|
0cbc19e4a66f7db51596b57ca91afc6f5b27f3b4 |
|
09-Dec-2016 |
Rubin Xu <rubinxu@google.com> |
Add unit tests for LockSettingsService Add infrastructure and first sets of unit tests for LockSettingsService Bug: 33126408 Test: runtest frameworks-services -c com.android.server.LockSettingsServiceTests Change-Id: I4f3b7f6eaef7122f72b06bd11ce49134a093fe35
/frameworks/base/core/java/android/service/gatekeeper/GateKeeperResponse.java
|
2397427cb1a0bad8a42e6a342dcf29b31e40a234 |
|
15-May-2015 |
Andres Morales <anmorales@google.com> |
[LockSettings] migrate password attempt throttling to hardware leverage root protected, cryptographically secured hardware if available Bug: 21118563 Change-Id: Ifa804c5a0728bfd14466eb2a84051bace6d33d57
/frameworks/base/core/java/android/service/gatekeeper/GateKeeperResponse.java
|