Fixed security issue for startActivity with potential malicious intent.

2019-07-17 18:40:34 +09:00 · 2019-07-17 18:40:34 +09:00 · 9559b8850e
parent 330b78b301
commit 9559b8850e
4 changed files with 14 additions and 24 deletions
--- a/twidere.component.common/src/main/java/org/mariotaku/twidere/constant/IntentConstants.java
+++ b/twidere.component.common/src/main/java/org/mariotaku/twidere/constant/IntentConstants.java
@ -170,7 +170,6 @@ public interface IntentConstants {
    String EXTRA_NEXT_PAGINATION = "next_pagination";
    String EXTRA_PREV_PAGINATION = "prev_pagination";
    String EXTRA_PAGINATION = "pagination";
-    String EXTRA_EXTRA_INTENT = "extra_intent";
    String EXTRA_IS_MY_ACCOUNT = "is_my_account";
    String EXTRA_TAB_TYPE = "tab_type";
    String EXTRA_ACCOUNT = "account";
@ -217,7 +216,6 @@ public interface IntentConstants {
    String EXTRA_LOADING_MORE = "loading_more";
    String EXTRA_PINNED_STATUS_IDS = "pinned_status_ids";
    String EXTRA_SHOULD_INIT_LOADER = "should_init_loader";
-    String EXTRA_START_INTENT = "start_intent";
    String EXTRA_SELECT_ONLY_ITEM_AUTOMATICALLY = "select_only_item_automatically";
    String EXTRA_OBJECT = "object";
    String EXTRA_SIMPLE_LAYOUT = "simple_layout";
--- a/twidere/src/main/kotlin/org/mariotaku/twidere/activity/AccountSelectorActivity.kt
+++ b/twidere/src/main/kotlin/org/mariotaku/twidere/activity/AccountSelectorActivity.kt
@ -84,13 +84,6 @@ class AccountSelectorActivity : BaseActivity(), OnItemClickListener {
    private val isSelectOnlyItemAutomatically: Boolean
        get() = intent.getBooleanExtra(EXTRA_SELECT_ONLY_ITEM_AUTOMATICALLY, false)

-    private val startIntent: Intent?
-        get() {
-            val startIntent = intent.getParcelableExtra<Intent>(EXTRA_START_INTENT)
-            startIntent?.setExtrasClassLoader(TwidereApplication::class.java.classLoader)
-            return startIntent
-        }
-
    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        setContentView(R.layout.activity_account_selector)
@ -157,12 +150,6 @@ class AccountSelectorActivity : BaseActivity(), OnItemClickListener {
        data.putExtra(EXTRA_ACCOUNT_KEY, account.key)
        data.putExtra(EXTRA_EXTRAS, intent.getBundleExtra(EXTRA_EXTRAS))

-        val startIntent = startIntent
-        if (startIntent != null) {
-            startIntent.putExtra(EXTRA_ACCOUNT_KEY, account.key)
-            startActivity(startIntent)
-        }
-
        setResult(Activity.RESULT_OK, data)
        finish()
    }
--- a/twidere/src/main/kotlin/org/mariotaku/twidere/activity/HomeActivity.kt
+++ b/twidere/src/main/kotlin/org/mariotaku/twidere/activity/HomeActivity.kt
@ -705,7 +705,6 @@ class HomeActivity : BaseActivity(), OnClickListener, OnPageChangeListener, Supp
        if (handleExtraIntent && refreshOnStart) {
            twitterWrapper.refreshAll()
        }
-        val extraIntent = intent.getParcelableExtra<Intent>(EXTRA_EXTRA_INTENT)

        val uri = intent.data
        @CustomTabType
@ -725,7 +724,7 @@ class HomeActivity : BaseActivity(), OnClickListener, OnPageChangeListener, Supp
                    }
                }
            }
-            if (initialTab == -1 && (extraIntent == null || !handleExtraIntent)) {
+            if (initialTab == -1 && !handleExtraIntent) {
                // Tab not found, open account specific page
                when (tabType) {
                    CustomTabType.NOTIFICATIONS_TIMELINE -> {
@ -739,10 +738,6 @@ class HomeActivity : BaseActivity(), OnClickListener, OnPageChangeListener, Supp
                }
            }
        }
-        if (extraIntent != null && handleExtraIntent) {
-            extraIntent.setExtrasClassLoader(classLoader)
-            startActivity(extraIntent)
-        }
        return initialTab
    }

--- a/twidere/src/main/kotlin/org/mariotaku/twidere/activity/LinkHandlerActivity.kt
+++ b/twidere/src/main/kotlin/org/mariotaku/twidere/activity/LinkHandlerActivity.kt
@ -46,6 +46,7 @@ import org.mariotaku.ktextension.set
 import org.mariotaku.ktextension.toDoubleOr
 import org.mariotaku.twidere.Constants.*
 import org.mariotaku.twidere.R
+import org.mariotaku.twidere.TwidereConstants
 import org.mariotaku.twidere.activity.iface.IControlBarActivity
 import org.mariotaku.twidere.activity.iface.IControlBarActivity.ControlBarShowHideHelper
 import org.mariotaku.twidere.constant.*
@ -131,9 +132,7 @@ class LinkHandlerActivity : BaseActivity(), SystemWindowInsetsCallback, IControl
            selectIntent.putExtra(EXTRA_SELECT_ONLY_ITEM_AUTOMATICALLY, true)
            selectIntent.putExtra(EXTRA_ACCOUNT_HOST, accountHost)
            selectIntent.putExtra(EXTRA_ACCOUNT_TYPE, accountType)
-            selectIntent.putExtra(EXTRA_START_INTENT, intent)
-            startActivity(selectIntent)
-            finish()
+            startActivityForResult(selectIntent, REQUEST_SELECT_ACCOUNT)
            return
        }

@ -210,6 +209,13 @@ class LinkHandlerActivity : BaseActivity(), SystemWindowInsetsCallback, IControl
                    Analyzer.log(PurchaseFinished.create(data!!))
                }
            }
+            REQUEST_SELECT_ACCOUNT -> {
+                if (requestCode == Activity.RESULT_OK && data != null) {
+                    startActivity(Intent(intent).putExtra(TwidereConstants.EXTRA_ACCOUNT_KEY,
+                            data.getParcelableExtra<UserKey>(TwidereConstants.EXTRA_ACCOUNT_KEY)))
+                }
+                finish()
+            }
            else -> {
                super.onActivityResult(requestCode, resultCode, data)
            }
@ -928,4 +934,8 @@ class LinkHandlerActivity : BaseActivity(), SystemWindowInsetsCallback, IControl
        val value = getQueryParameter(QUERY_PARAM_USER_KEY) ?: getQueryParameter(QUERY_PARAM_USER_ID)
        return value?.let(UserKey::valueOf)
    }
+
+    companion object {
+        const val REQUEST_SELECT_ACCOUNT = 101
+    }
 }