Prevent malicious app that could return private file from another package when sharing file in chat

app/src/main/java/org/linphone/activities/main/MainActivity.kt

@@ -389,7 +389,12 @@ class MainActivity : GenericActivity(), SnackBarActivity, NavController.OnDestin
         // Prevent this intent to be processed again
         intent.action = null
         intent.data = null
-        intent.extras?.clear()
+        val extras = intent.extras
+        if (extras != null) {
+            for (key in extras.keySet()) {
+                intent.removeExtra(key)
+            }
+        }
     }
 
     private fun handleMainIntent(intent: Intent) {

app/src/main/java/org/linphone/utils/FileUtils.kt

@@ -26,7 +26,10 @@ import android.content.Intent
 import android.database.CursorIndexOutOfBoundsException
 import android.net.Uri
 import android.os.Environment
+import android.os.ParcelFileDescriptor
+import android.os.Process.myUid
 import android.provider.OpenableColumns
+import android.system.Os.fstat
 import android.webkit.MimeTypeMap
 import androidx.core.content.FileProvider
 import java.io.*
@@ -270,6 +273,21 @@ class FileUtils {
             var result: String? = null
             val name: String = getNameFromUri(uri, context)
 
+            try {
+                if (fstat(
+                        ParcelFileDescriptor.open(
+                                File(uri.path),
+                                ParcelFileDescriptor.MODE_READ_ONLY
+                            ).fileDescriptor
+                    ).st_uid != myUid()
+                ) {
+                    Log.e("[File Utils] File descriptor UID different from our, denying copy!")
+                    return result
+                }
+            } catch (e: Exception) {
+                Log.e("[File Utils] Can't check file ownership: ", e)
+            }
+
             try {
                 val localFile: File = createFile(name)
                 val remoteFile =