tag 7e51532f611f2a3ce848ab654b6f57c93db4c84c
tagger The Android Open Source Project <initial-contribution@android.com> Mon Aug 01 13:20:57 2022 -0700
object 1616b2851c2fb17210ed78275830f296876174da

Android Security 10.0.0 Release 69 (8712615)

commit 1616b2851c2fb17210ed78275830f296876174da
author Hall Liu <hallliu@google.com> Thu Aug 20 19:06:57 2020 -0700
committer Anis Assi <anisassi@google.com> Thu Sep 10 13:51:38 2020 -0700
tree 26923d66c8678966819585748807f3a7ecec93c7
parent d75e7f1c4c325b6948f7758c0f80e51f2583a4fe

RESTRICT AUTOMERGE Fix exported broadcast receiver vulnerability

CellBroadcastReceiver was declared as exported in the manifest and
therefore allowed any app to send a MARK_AS_READ intent, even though
it's only supposed to be called from an internal PendingIntent. Fix this
by creating a new non-exported receiver and using that to handle the
mark-as-read intent instead.

Fixes: 162741784
Test: atest GoogleCellBroadcastReceiverUnitTests
Change-Id: I03c8163c22a6fbc92613ca2ccd2ac191fc0084a4
Merged-In: I03c8163c22a6fbc92613ca2ccd2ac191fc0084a4
(cherry picked from commit e514bc6a01fdd36a519fd4fefffa45f166911c97)
(cherry picked from commit 22d8e34f8a629ea21accc94a43f7157dcd69f7d0)