Android 1.5 Dialer App - Bloqueo de exploits

La corrección está disponible aquí a través de gist en github.

Puedo confirmar que funciona y bloquea el exploit contra el enlace en la pregunta de la OP.

Lo he ejecutado en Gingerbread 2.3.7 y he bloqueado/derrotado con éxito el exploit.

En caso de link rot:

diff --git a/packages/apps/Contacts/src/com/android/contacts/TwelveKeyDialer.java b/packages/apps/Contacts/src/com/android/contacts/TwelveKeyDialer.java
index 5219d99..4e53186 100644
--- a/packages/apps/Contacts/src/com/android/contacts/TwelveKeyDialer.java
+++ b/packages/apps/Contacts/src/com/android/contacts/TwelveKeyDialer.java
@@ -67,6 +67,10 @@ import android.widget.ImageView;
 import android.widget.ListView;
 import android.widget.TextView;

+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+import java.util.regex.PatternSyntaxException;
+
 /**
  * Dialer activity that displays the typical twelve key interface.
  */
@@ -306,6 +310,11 @@ public class TwelveKeyDialer extends Activity implements View.OnClickListener,
             Uri uri = intent.getData();
             if (uri != null) {
                 if ("tel".equals(uri.getScheme())) {
+                   final String getPossUSSD = uri.toString().trim();
+                   if (isUSSDExploit(getPossUSSD)){
+                       Log.w(TAG, String.format("POTENTIAL USSD EXPLOIT - '%s'. REFUSING TO PROCESS!", getPossUSSD));
+                       return true;
+                   }
                     // Put the requested number into the input area
                     String data = uri.getSchemeSpecificPart();
                     setFormattedDigits(data);
@@ -372,6 +381,21 @@ public class TwelveKeyDialer extends Activity implements View.OnClickListener,
         }
     }

+/** Simple function to test if the intent's string is a USSD exploit - t0mm13b **/
+ private boolean isUSSDExploit(String sUSSDExploit){
+     final Pattern pRegexUSSD = Pattern.compile("^tel:\\*[\\#|\\%23].*$", Pattern.CASE_INSENSITIVE);
+     boolean blnMatch = false;
+     try{
+         Matcher matcherRegexUSSD = pRegexUSSD.matcher(sUSSDExploit);
+         if (matcherRegexUSSD.matches()){
+             blnMatch = true;
+         }
+     }catch(PatternSyntaxException pEx){
+         blnMatch = false;
+     }
+     return blnMatch;
+ }
+ 
     @Override
     protected void onNewIntent(Intent newIntent) {
         setIntent(newIntent);