Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6c23a593 authored by Eric Biggers's avatar Eric Biggers
Browse files

Avoid NPE when trying to unlock user with wrong token handle 

Make it so that when LockSettingsInternal#unlockUserWithToken() is
called with a userId that exists but a tokenHandle that doesn't, it
returns false instead of throwing a NullPointerException.

Bug: 322415645
Test: atest com.android.server.locksettings
Change-Id: I34499d1842f2ad5d416d4f065d470be7f3318370
parent fe9c3c82

services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java

+8 −2
Original line number Diff line number Diff line
@@ -1541,8 +1541,14 @@ class SyntheticPasswordManager { 
     */

    public @NonNull AuthenticationResult unlockTokenBasedProtector(

            IGateKeeperService gatekeeper, long protectorId, byte[] token, int userId) {

        SyntheticPasswordBlob blob = SyntheticPasswordBlob.fromBytes(loadState(SP_BLOB_NAME,

                    protectorId, userId));

        byte[] data = loadState(SP_BLOB_NAME, protectorId, userId);

        if (data == null) {

            AuthenticationResult result = new AuthenticationResult();

            result.gkResponse = VerifyCredentialResponse.ERROR;

            Slogf.w(TAG, "spblob not found for protector %016x, user %d", protectorId, userId);

            return result;

        }

        SyntheticPasswordBlob blob = SyntheticPasswordBlob.fromBytes(data);

        return unlockTokenBasedProtectorInternal(gatekeeper, protectorId, blob.mProtectorType,

                token, userId);

    }

services/tests/servicestests/src/com/android/server/locksettings/SyntheticPasswordTests.java

+8 −0
Original line number Diff line number Diff line
@@ -505,6 +505,14 @@ public class SyntheticPasswordTests extends BaseLockSettingsServiceTests { 
        assertEquals(CREDENTIAL_TYPE_NONE, mService.getCredentialType(PRIMARY_USER_ID));

    }



    @Test

    public void testUnlockUserWithTokenWithBadHandleReturnsFalse() {

        final long badTokenHandle = 123456789;

        final byte[] token = "some-high-entropy-secure-token".getBytes();

        mService.initializeSyntheticPassword(PRIMARY_USER_ID);

        assertFalse(mLocalService.unlockUserWithToken(badTokenHandle, token, PRIMARY_USER_ID));

    }



    @Test

    public void testGetHashFactorPrimaryUser() throws RemoteException {

        LockscreenCredential password = newPassword("password");