frameworks/base
| 修訂 | 71509777b4c16f9e42fae92a287c4287a2fd9a06 (tree) |
|---|---|
| 時間 | 2019-12-17 05:46:39 |
| 作者 | Sterling Huber <hubers@goog...> |
| Commiter | Manjae Park |
RESTRICT AUTOMERGE
Make toasts non-clickable
Since enforcement was only on client-side, in Toast class, an app could
use reflection (or other means) to make the Toast clickable. This is a
security vulnerability since it allows tapjacking, that is, intercept touch
events and do stuff like steal PINs and passwords.
This CL brings the enforcement to the system by applying flag
FLAG_NOT_TOUCHABLE.
Test: Construct app that uses reflection to remove flag FLAG_NOT_TOUCHABLE and
Bug: 128674520
Change-Id: Ica346c853dcb9a1e494f7143ba1c38d22c0003d0
(cherry picked from commit 54e6a3c4fbf2eb70541932074ed650dcf22113ed)
| @@ -2618,6 +2618,8 @@ public class PhoneWindowManager implements WindowManagerPolicy { | ||
| 2618 | 2618 | attrs.hideTimeoutMilliseconds = TOAST_WINDOW_TIMEOUT; |
| 2619 | 2619 | } |
| 2620 | 2620 | attrs.windowAnimations = com.android.internal.R.style.Animation_Toast; |
| 2621 | + // Toasts can't be clickable | |
| 2622 | + attrs.flags |= WindowManager.LayoutParams.FLAG_NOT_TOUCHABLE; | |
| 2621 | 2623 | break; |
| 2622 | 2624 | } |
| 2623 | 2625 |
Fork
services/core/java/com/android/server/policy/PhoneWindowManager.java