hacky workaround to determine if uri points to private file on < lolipop
This commit is contained in:
parent
4332b0df44
commit
594e65bb2b
|
@ -693,13 +693,29 @@ public class FileBackend {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public static boolean weOwnFile(Uri uri) {
|
public static boolean weOwnFile(Context context, Uri uri) {
|
||||||
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.LOLLIPOP) {
|
if (uri == null || !ContentResolver.SCHEME_FILE.equals(uri.getScheme())) {
|
||||||
return false;
|
return false;
|
||||||
|
} else if (Build.VERSION.SDK_INT < Build.VERSION_CODES.LOLLIPOP) {
|
||||||
|
return fileIsInFilesDir(context, uri);
|
||||||
} else {
|
} else {
|
||||||
return uri != null
|
return weOwnFileLollipop(uri);
|
||||||
&& ContentResolver.SCHEME_FILE.equals(uri.getScheme())
|
}
|
||||||
&& weOwnFileLollipop(uri);
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This is more than hacky but probably way better than doing nothing
|
||||||
|
* Further 'optimizations' might contain to get the parents of CacheDir and NoBackupDir
|
||||||
|
* and check against those as well
|
||||||
|
*/
|
||||||
|
private static boolean fileIsInFilesDir(Context context, Uri uri) {
|
||||||
|
try {
|
||||||
|
final String haystack = context.getFilesDir().getParentFile().getCanonicalPath();
|
||||||
|
final String needle = new File(uri.getPath()).getCanonicalPath();
|
||||||
|
return needle.startsWith(haystack);
|
||||||
|
} catch (IOException e) {
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -403,7 +403,7 @@ public class XmppConnectionService extends Service implements OnPhoneContactsLoa
|
||||||
public void attachFileToConversation(final Conversation conversation,
|
public void attachFileToConversation(final Conversation conversation,
|
||||||
final Uri uri,
|
final Uri uri,
|
||||||
final UiCallback<Message> callback) {
|
final UiCallback<Message> callback) {
|
||||||
if (FileBackend.weOwnFile(uri)) {
|
if (FileBackend.weOwnFile(this, uri)) {
|
||||||
Log.d(Config.LOGTAG,"trying to attach file that belonged to us");
|
Log.d(Config.LOGTAG,"trying to attach file that belonged to us");
|
||||||
callback.error(R.string.security_error_invalid_file_access, null);
|
callback.error(R.string.security_error_invalid_file_access, null);
|
||||||
return;
|
return;
|
||||||
|
@ -446,7 +446,7 @@ public class XmppConnectionService extends Service implements OnPhoneContactsLoa
|
||||||
}
|
}
|
||||||
|
|
||||||
public void attachImageToConversation(final Conversation conversation, final Uri uri, final UiCallback<Message> callback) {
|
public void attachImageToConversation(final Conversation conversation, final Uri uri, final UiCallback<Message> callback) {
|
||||||
if (FileBackend.weOwnFile(uri)) {
|
if (FileBackend.weOwnFile(this, uri)) {
|
||||||
Log.d(Config.LOGTAG,"trying to attach file that belonged to us");
|
Log.d(Config.LOGTAG,"trying to attach file that belonged to us");
|
||||||
callback.error(R.string.security_error_invalid_file_access, null);
|
callback.error(R.string.security_error_invalid_file_access, null);
|
||||||
return;
|
return;
|
||||||
|
|
|
@ -191,7 +191,7 @@ public class PublishProfilePictureActivity extends XmppActivity {
|
||||||
Uri source = data.getData();
|
Uri source = data.getData();
|
||||||
switch (requestCode) {
|
switch (requestCode) {
|
||||||
case REQUEST_CHOOSE_FILE_AND_CROP:
|
case REQUEST_CHOOSE_FILE_AND_CROP:
|
||||||
if (FileBackend.weOwnFile(source)) {
|
if (FileBackend.weOwnFile(this, source)) {
|
||||||
Toast.makeText(this,R.string.security_error_invalid_file_access,Toast.LENGTH_SHORT).show();
|
Toast.makeText(this,R.string.security_error_invalid_file_access,Toast.LENGTH_SHORT).show();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -204,7 +204,7 @@ public class PublishProfilePictureActivity extends XmppActivity {
|
||||||
Crop.of(source, destination).asSquare().withMaxSize(size, size).start(this);
|
Crop.of(source, destination).asSquare().withMaxSize(size, size).start(this);
|
||||||
break;
|
break;
|
||||||
case REQUEST_CHOOSE_FILE:
|
case REQUEST_CHOOSE_FILE:
|
||||||
if (FileBackend.weOwnFile(source)) {
|
if (FileBackend.weOwnFile(this, source)) {
|
||||||
Toast.makeText(this,R.string.security_error_invalid_file_access,Toast.LENGTH_SHORT).show();
|
Toast.makeText(this,R.string.security_error_invalid_file_access,Toast.LENGTH_SHORT).show();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue