Check caller's uid before allowing notification policy access.

Julia Reynolds · gitbuildkicker · commit 28460c294ebd · 2016-07-21T17:34:51.000-07:00
Bug: 29421441
Change-Id: I7460268595e932d54660b02007bcd68b95fe8aec
diff --git a/services/core/java/com/android/server/notification/NotificationManagerService.java b/services/core/java/com/android/server/notification/NotificationManagerService.java
@@ -1642,6 +1642,7 @@ private void enforceSystemOrSystemUI(String message) {
         }
 
         private void enforcePolicyAccess(String pkg, String method) {
+            checkCallerIsSameApp(pkg);
             if (!checkPolicyAccess(pkg)) {
                 Slog.w(TAG, "Notification policy access denied calling " + method);
                 throw new SecurityException("Notification policy access denied");
@@ -3130,6 +3131,10 @@ private static void checkCallerIsSystemOrSameApp(String pkg) {
         if (isCallerSystem()) {
             return;
         }
+        checkCallerIsSameApp(pkg);
+    }
+
+    private static void checkCallerIsSameApp(String pkg) {
         final int uid = Binder.getCallingUid();
         try {
             ApplicationInfo ai = AppGlobals.getPackageManager().getApplicationInfo(
