Fix Unsafe deserialization of Parcel data Intent (#1691)

* Fix crash produced by unsafe deserialization of Parcel data passed on the intent

* Fix crash produced by unsafe deserialization of Parcel data passed on the intent on other activities and renamed intent extension method

src/Android/Accessibility/AccessibilityActivity.cs

@@ -6,6 +6,7 @@ using Android.Views;
 using System;
 using Bit.Core.Abstractions;
 using Bit.Core.Utilities;
+using Bit.Droid.Utilities;
 
 namespace Bit.Droid.Accessibility
 {
@@ -17,6 +18,7 @@ namespace Bit.Droid.Accessibility
 
         protected override void OnCreate(Bundle bundle)
         {
+            Intent?.Validate();
             base.OnCreate(bundle);
             HandleIntent(Intent, 932473);
         }

src/Android/Android.csproj

@@ -150,6 +150,7 @@
     <Compile Include="WebAuthCallbackActivity.cs" />
     <Compile Include="Renderers\SelectableLabelRenderer.cs" />
     <Compile Include="Services\ClipboardService.cs" />
+    <Compile Include="Utilities\IntentExtensions.cs" />
   </ItemGroup>
   <ItemGroup>
     <AndroidAsset Include="Assets\FontAwesome.ttf" />

src/Android/MainActivity.cs

@@ -19,6 +19,7 @@ using System.Threading.Tasks;
 using AndroidX.Core.Content;
 using Bit.App.Utilities;
 using ZXing.Net.Mobile.Android;
+using Android.Util;
 
 namespace Bit.Droid
 {
@@ -60,6 +61,9 @@ namespace Bit.Droid
             TabLayoutResource = Resource.Layout.Tabbar;
             ToolbarResource = Resource.Layout.Toolbar;
 
+            // this needs to be called here before base.OnCreate(...)
+            Intent?.Validate();
+
             base.OnCreate(savedInstanceState);
             if (!CoreHelpers.InDebugMode())
             {

src/Android/Utilities/IntentExtensions.cs

@@ -0,0 +1,22 @@
+using Android.Content;
+using Android.OS;
+
+namespace Bit.Droid.Utilities
+{
+    public static class IntentExtensions
+    {
+        public static void Validate(this Intent intent)
+        {
+            try
+            {
+                // Check if getting the bundle of the extras causes any exception when unparcelling
+                // Note: getting the bundle like this will cause to call unparcel() internally
+                var b = intent?.Extras?.GetBundle("trashstringwhichhasnousebuttocheckunparcel");
+            }
+            catch (BadParcelableException)
+            {
+                intent.ReplaceExtras((Bundle)null);
+            }
+        }
+    }
+}

src/Android/WebAuthCallbackActivity.cs

@@ -1,5 +1,7 @@
 using Android.App;
 using Android.Content.PM;
+using Android.OS;
+using Bit.Droid.Utilities;
 
 namespace Bit.Droid
 {
@@ -9,5 +11,12 @@ namespace Bit.Droid
     [IntentFilter(new[] { Android.Content.Intent.ActionView },
         Categories = new[] { Android.Content.Intent.CategoryDefault, Android.Content.Intent.CategoryBrowsable },
         DataScheme = "bitwarden")]
-    public class WebAuthCallbackActivity : Xamarin.Essentials.WebAuthenticatorCallbackActivity { }
+    public class WebAuthCallbackActivity : Xamarin.Essentials.WebAuthenticatorCallbackActivity
+    {
+        protected override void OnCreate(Bundle savedInstanceState)
+        {
+            Intent?.Validate();
+            base.OnCreate(savedInstanceState);
+        }
+    }
 }