Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(34)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/android/webapk/libs/runtime_library/src/org/chromium/webapk/lib/runtime_library/WebApkServiceImpl.java

Issue 2133923002: Simplify caller checking logic in WebApkServiceImpl (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Merge branch 'master' into sandbox_on_transact1 Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/android/webapk/libs/runtime_library/junit/src/org/chromium/webapk/lib/runtime_library/WebApkServiceImplTest.java ('k') | chrome/android/webapk/shell_apk/javatests/DEPS » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/android/webapk/libs/runtime_library/src/org/chromium/webapk/lib/runtime_library/WebApkServiceImpl.java
diff --git a/chrome/android/webapk/libs/runtime_library/src/org/chromium/webapk/lib/runtime_library/WebApkServiceImpl.java b/chrome/android/webapk/libs/runtime_library/src/org/chromium/webapk/lib/runtime_library/WebApkServiceImpl.java
index 0d18623149ebf4c8387073c3a2e5dbf81b593827..5fccbdc765864721a300d7fc9116520eaf64ac07 100644
--- a/chrome/android/webapk/libs/runtime_library/src/org/chromium/webapk/lib/runtime_library/WebApkServiceImpl.java
+++ b/chrome/android/webapk/libs/runtime_library/src/org/chromium/webapk/lib/runtime_library/WebApkServiceImpl.java
@@ -7,16 +7,10 @@ package org.chromium.webapk.lib.runtime_library;
import android.app.Notification;
import android.app.NotificationManager;
import android.content.Context;
-import android.content.pm.PackageManager;
import android.os.Binder;
import android.os.Bundle;
import android.os.Parcel;
import android.os.RemoteException;
-import android.util.Log;
-
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.Set;
/**
* Implements services offered by the WebAPK to Chrome.
@@ -24,7 +18,7 @@ import java.util.Set;
public class WebApkServiceImpl extends IWebApkApi.Stub {
public static final String KEY_SMALL_ICON_ID = "small_icon_id";
- public static final String KEY_HOST_BROWSER_PACKAGE = "host_browser_package";
+ public static final String KEY_HOST_BROWSER_UID = "host_browser_uid";
private static final String TAG = "WebApkServiceImpl";
@@ -36,15 +30,10 @@ public class WebApkServiceImpl extends IWebApkApi.Stub {
private final int mSmallIconId;
/**
- * Package name of only process allowed to call the service's methods. If a process with a
- * different package name calls the service, the service throws a RemoteException.
+ * Uid of only application allowed to call the service's methods. If an application with a
+ * different uid calls the service, the service throws a RemoteException.
*/
- private final String mHostPackage;
-
- /**
- * Uids of processes which are allowed to call the service.
- */
- private final Set<Integer> mAuthorizedUids = new HashSet<>();
+ private final int mHostUid;
/**
* Creates an instance of WebApkServiceImpl.
@@ -54,38 +43,16 @@ public class WebApkServiceImpl extends IWebApkApi.Stub {
public WebApkServiceImpl(Context context, Bundle bundle) {
mContext = context;
mSmallIconId = bundle.getInt(KEY_SMALL_ICON_ID);
- mHostPackage = bundle.getString(KEY_HOST_BROWSER_PACKAGE);
- assert mHostPackage != null;
- }
-
- boolean checkHasAccess(int uid, PackageManager packageManager) {
- String[] callingPackageNames = packageManager.getPackagesForUid(uid);
- Log.d(TAG, "Verifying bind request from: " + Arrays.toString(callingPackageNames) + " "
- + mHostPackage);
- if (callingPackageNames == null) {
- return false;
- }
-
- for (String packageName : callingPackageNames) {
- if (packageName.equals(mHostPackage)) {
- return true;
- }
- }
-
- Log.e(TAG, "Unauthorized request from uid: " + uid);
- return false;
+ mHostUid = bundle.getInt(KEY_HOST_BROWSER_UID);
+ assert mHostUid >= 0;
}
@Override
public boolean onTransact(int arg0, Parcel arg1, Parcel arg2, int arg3) throws RemoteException {
int callingUid = Binder.getCallingUid();
- if (!mAuthorizedUids.contains(callingUid)) {
- if (checkHasAccess(callingUid, mContext.getPackageManager())) {
- mAuthorizedUids.add(callingUid);
- } else {
- throw new RemoteException("Unauthorized caller " + callingUid
- + " does not match expected host=" + mHostPackage);
- }
+ if (mHostUid != callingUid) {
+ throw new RemoteException("Unauthorized caller " + callingUid
+ + " does not match expected host=" + mHostUid);
}
return super.onTransact(arg0, arg1, arg2, arg3);
}
« no previous file with comments | « chrome/android/webapk/libs/runtime_library/junit/src/org/chromium/webapk/lib/runtime_library/WebApkServiceImplTest.java ('k') | chrome/android/webapk/shell_apk/javatests/DEPS » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698