Fix vulnerability in LockSettings service
Fixes bug 30003944
Change-Id: I8700d4424c6186c8d5e71d2fdede0223ad86904d
(cherry picked from commit 2d71384a139ae27cbc7b57f06662bf6ee2010f2b)
diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java
index 2e0dfa5..7f2f740 100644
--- a/core/java/com/android/internal/widget/LockPatternUtils.java
+++ b/core/java/com/android/internal/widget/LockPatternUtils.java
@@ -354,7 +354,7 @@
return false;
}
} catch (RemoteException re) {
- return true;
+ return false;
}
}
@@ -435,7 +435,7 @@
return false;
}
} catch (RemoteException re) {
- return true;
+ return false;
}
}
diff --git a/services/core/java/com/android/server/LockSettingsService.java b/services/core/java/com/android/server/LockSettingsService.java
index d64fe32..42e75c6 100644
--- a/services/core/java/com/android/server/LockSettingsService.java
+++ b/services/core/java/com/android/server/LockSettingsService.java
@@ -1215,6 +1215,9 @@
private VerifyCredentialResponse doVerifyPattern(String pattern, boolean hasChallenge,
long challenge, int userId) throws RemoteException {
checkPasswordReadPermission(userId);
+ if (TextUtils.isEmpty(pattern)) {
+ throw new IllegalArgumentException("Pattern can't be null or empty");
+ }
CredentialHash storedHash = mStorage.readPatternHash(userId);
return doVerifyPattern(pattern, storedHash, hasChallenge, challenge, userId);
}
@@ -1306,6 +1309,9 @@
private VerifyCredentialResponse doVerifyPassword(String password, boolean hasChallenge,
long challenge, int userId) throws RemoteException {
checkPasswordReadPermission(userId);
+ if (TextUtils.isEmpty(password)) {
+ throw new IllegalArgumentException("Password can't be null or empty");
+ }
CredentialHash storedHash = mStorage.readPasswordHash(userId);
return doVerifyPassword(password, storedHash, hasChallenge, challenge, userId);
}
