diff options
author | Ellen Arteca <emarteca@google.com> | 2024-03-18 22:08:26 +0000 |
---|---|---|
committer | Ellen Arteca <emarteca@google.com> | 2024-03-22 21:52:08 +0000 |
commit | 2c0a308fe744777ef8a48a264b58163cfef69e95 (patch) | |
tree | 8bcf9f96af6e35dcc81db6446dd8a931f7df61e2 | |
parent | e93eab4406aebaacf8f08d6a2255b85cb1aa0abb (diff) | |
download | Settings-main.tar.gz |
Wrap LockscreenCredential objects in try-with-resources.
This ensures the LockscreenCredential's `close()` method gets
called, which clears the `byte[]` field that stores the LSKF.
Bug: 320392352
Test: presubmit
Change-Id: If180967bcfc1d812edd4202b2d049a4b69d6105f
4 files changed, 20 insertions, 11 deletions
diff --git a/src/com/android/car/settings/security/CheckLockWorker.java b/src/com/android/car/settings/security/CheckLockWorker.java index cf11491b2..1e7d61609 100644 --- a/src/com/android/car/settings/security/CheckLockWorker.java +++ b/src/com/android/car/settings/security/CheckLockWorker.java @@ -90,8 +90,9 @@ public class CheckLockWorker extends Fragment implements LockPatternChecker.OnCh } mCheckInProgress = true; - LockPatternChecker.checkCredential(mLockPatternUtils, - LockscreenCredential.createPattern(pattern), userId, this); + try (LockscreenCredential toCheck = LockscreenCredential.createPattern(pattern)) { + LockPatternChecker.checkCredential(mLockPatternUtils, toCheck, userId, this); + } } /** diff --git a/src/com/android/car/settings/security/ChooseLockPinPasswordFragment.java b/src/com/android/car/settings/security/ChooseLockPinPasswordFragment.java index 1759db7bc..618002b1e 100644 --- a/src/com/android/car/settings/security/ChooseLockPinPasswordFragment.java +++ b/src/com/android/car/settings/security/ChooseLockPinPasswordFragment.java @@ -284,12 +284,12 @@ public class ChooseLockPinPasswordFragment extends BaseFragment { @Override public void onBackspaceClick() { - LockscreenCredential pin = getEnteredPassword(); - if (pin.size() > 0) { - mPasswordField.getText().delete(mPasswordField.getSelectionEnd() - 1, - mPasswordField.getSelectionEnd()); + try (LockscreenCredential pin = getEnteredPassword()) { + if (pin.size() > 0) { + mPasswordField.getText().delete(mPasswordField.getSelectionEnd() - 1, + mPasswordField.getSelectionEnd()); + } } - pin.zeroize(); } @Override @@ -302,8 +302,10 @@ public class ChooseLockPinPasswordFragment extends BaseFragment { } private boolean shouldEnableSubmit() { - return mPasswordHelper.validateCredential(getEnteredPassword(), mExistingCredential) + try (LockscreenCredential enteredCredential = getEnteredPassword()) { + return mPasswordHelper.validateCredential(enteredCredential, mExistingCredential) && (mSaveLockWorker == null || mSaveLockWorker.isFinished()); + } } private void updateSubmitButtonsState() { @@ -407,7 +409,9 @@ public class ChooseLockPinPasswordFragment extends BaseFragment { mPinPad.setEnterKeyIcon(mUiStage.enterKeyIcon); } - mPasswordHelper.validateCredential(getEnteredPassword(), mExistingCredential); + try (LockscreenCredential enteredCredential = getEnteredPassword()) { + mPasswordHelper.validateCredential(enteredCredential, mExistingCredential); + } mHintMessage.setText(mPasswordHelper.getCredentialValidationErrorMessages()); setHintIfNeeded(); diff --git a/src/com/android/car/settings/security/ConfirmLockPatternFragment.java b/src/com/android/car/settings/security/ConfirmLockPatternFragment.java index 9fbbc7d4f..3a3e90fc5 100644 --- a/src/com/android/car/settings/security/ConfirmLockPatternFragment.java +++ b/src/com/android/car/settings/security/ConfirmLockPatternFragment.java @@ -179,7 +179,11 @@ public class ConfirmLockPatternFragment extends BaseFragment { private void onCheckCompleted(boolean lockMatched, int timeoutMs) { if (lockMatched) { - mCheckLockListener.onLockVerified(LockscreenCredential.createPattern(mPattern)); + try (LockscreenCredential patternCred = LockscreenCredential.createPattern(mPattern)) { + // onLockVerified does not take ownership of the LockscreenCredential + // see CheckLockActivity#onLockVerified and VerifyLockChangeActivity#onLockVerified + mCheckLockListener.onLockVerified(patternCred); + } } else { if (timeoutMs > 0) { mConfirmLockLockoutHelper.onCheckCompletedWithTimeout(timeoutMs); diff --git a/src/com/android/car/settings/security/VerifyLockChangeActivity.java b/src/com/android/car/settings/security/VerifyLockChangeActivity.java index d5c263946..24da33ebf 100644 --- a/src/com/android/car/settings/security/VerifyLockChangeActivity.java +++ b/src/com/android/car/settings/security/VerifyLockChangeActivity.java @@ -60,7 +60,7 @@ public class VerifyLockChangeActivity extends BaseCarSettingsActivity implements @Override public void onLockVerified(LockscreenCredential lock) { Intent data = new Intent(); - data.putExtra(PasswordHelper.EXTRA_CURRENT_SCREEN_LOCK, lock); + data.putExtra(PasswordHelper.EXTRA_CURRENT_SCREEN_LOCK, lock.duplicate()); data.putExtra(PasswordHelper.EXTRA_CURRENT_PASSWORD_QUALITY, mPasswordQuality); setResult(RESULT_OK, data); finish(); |