mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-29 02:38:22 -05:00
Android: Use more flexible userid when launching browser popup
It was possible for the Hotspot 2.0 case of OSU user interaction to fail with wpadebug browser due to permission denial in the "start" command ("java.lang.SecurityException: Permission Denial: startActivity asks to run as user -2 but is calling from user 0; this requires android.permission.INTERACT_ACROSS_USERS_FULL"). Avoid this by using more flexible USER_CURRENT_OR_SELF (-3) value with the --user argument. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
0d0f7ecbb1
commit
ac8757cc35
@ -96,7 +96,7 @@ int hs20_web_browser(const char *url)
|
|||||||
|
|
||||||
if (pid == 0) {
|
if (pid == 0) {
|
||||||
/* run the external command in the child process */
|
/* run the external command in the child process */
|
||||||
char *argv[12];
|
char *argv[14];
|
||||||
|
|
||||||
argv[0] = "browser-wpadebug";
|
argv[0] = "browser-wpadebug";
|
||||||
argv[1] = "start";
|
argv[1] = "start";
|
||||||
@ -109,7 +109,9 @@ int hs20_web_browser(const char *url)
|
|||||||
argv[8] = "-e";
|
argv[8] = "-e";
|
||||||
argv[9] = "w1.fi.wpadebug.URL";
|
argv[9] = "w1.fi.wpadebug.URL";
|
||||||
argv[10] = (void *) url;
|
argv[10] = (void *) url;
|
||||||
argv[11] = NULL;
|
argv[11] = "--user";
|
||||||
|
argv[12] = "-3"; /* USER_CURRENT_OR_SELF */
|
||||||
|
argv[13] = NULL;
|
||||||
|
|
||||||
execv("/system/bin/am", argv);
|
execv("/system/bin/am", argv);
|
||||||
wpa_printf(MSG_ERROR, "execv: %s", strerror(errno));
|
wpa_printf(MSG_ERROR, "execv: %s", strerror(errno));
|
||||||
|
Loading…
Reference in New Issue
Block a user