From 5fc602c0f54c09c5754aebddfbc8113d334c7ab6 Mon Sep 17 00:00:00 2001
From: Rami Potinkara <rami.potinkara@qt.io>
Date: Thu, 15 May 2025 10:14:16 +0300
Subject: [PATCH] Android: qtbase/src/android/. ./QtAndroidBinder.java security
 sensitive

This patch marks following files as security sensitive
-QtAndroidBinder.java - parsing data in onTransact(.., Parcel data,...) from
external source over IPC mechanism

Fixes: QTBUG-136815
Task-number: QTBUG-135178
Pick-to: 6.8
Change-Id: I022ee98be57a1a5b09beb7ccd07b4c04da612d2e
Reviewed-by: Assam Boudjelthia <assam.boudjelthia@qt.io>
(cherry picked from commit 7796ad3face5246ad62a959b61fdd3a92cea2803)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
---
 .../jar/src/org/qtproject/qt/android/extras/QtAndroidBinder.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/android/jar/src/org/qtproject/qt/android/extras/QtAndroidBinder.java b/src/android/jar/src/org/qtproject/qt/android/extras/QtAndroidBinder.java
index 31a0d68c0a3..51e5ef50c88 100644
--- a/src/android/jar/src/org/qtproject/qt/android/extras/QtAndroidBinder.java
+++ b/src/android/jar/src/org/qtproject/qt/android/extras/QtAndroidBinder.java
@@ -1,5 +1,6 @@
 // Copyright (C) 2017 BogDan Vatra <bogdan@kde.org>
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
+// Qt-Security score:critical reason:data-parser
 
 package org.qtproject.qt.android.extras;