FileProvider, a subclass of ContentProvider, is intended to provide a secure method for an application ("server application") to share files

Improperly trusting ContentProvider-provided filename

submited by

Style Pass

2024-05-02 17:00:15

FileProvider, a subclass of ContentProvider, is intended to provide a secure method for an application ("server application") to share files with another application ("client application"). However, if the client application does not properly handle the filename provided by the server application, an attacker-controlled server application may be able to implement its own malicious FileProvider to overwrite files in the client application's app-specific storage.

If an attacker can overwrite an application's files, this can lead to malicious code execution (by overwriting the application's code), or allow otherwise modifying the application's behavior (for example, by overwriting the application's shared preferences or other configuration files).

Prefer working without user input when using file system calls by generating a unique filename when writing the received file to storage.