Skip to content
Commit 637e05ee authored by Felipe Leme's avatar Felipe Leme
Browse files

Further improvements when app forges package info for autofill: 

- Dont create a session if the component is not owned by the calling UID.
- Log metrics for forged attempts.
- Avoid possible NPEs on AutofillManager when context or client is null.

Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases -t android.autofillservice.cts.VirtualContainerActivityTest#testAppCannotFakePackageName
Test: cts-tradefed run commandAndExit cts-dev -m CtsAutoFillServiceTestCases

Bug: 69981710

Change-Id: I9695bc046f3eb8aeecfe44f80fd0366f68b2c635
parent 6798bc30
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment