Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit eec02e9f authored by Ellen Arteca's avatar Ellen Arteca
Browse files

Wipe the LockscreenCredential in DPMS#resetPasswordInternal 

This CL adds try-with-resources around LockscreenCredential objects,
in order to call `close()` when the resource is done being used.
This also clears the LSKF `byte[]` representation in the LockscreenCredential.

This CL applies the above changes to the DevicePolicyManagerService.

Bug: 320392352
Test: build
Change-Id: Iad642dd4706ae052affc2f9ac6d6f0695870728d
parent 810d0720

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+10 −7
Original line number Diff line number Diff line
@@ -5672,15 +5672,18 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 














    private boolean resetPasswordInternal(String password, long tokenHandle, byte[] token,















            int flags, CallerIdentity caller) {













        final int callingUid = caller.getUid();













        final int userHandle = UserHandle.getUserId(callingUid);















        final boolean isPin = PasswordMetrics.isNumericOnly(password);













        final LockscreenCredential newCredential;













        if (isPin) {













            newCredential = LockscreenCredential.createPin(password);













        } else {













            newCredential = LockscreenCredential.createPasswordOrNone(password);













        try (LockscreenCredential newCredential =













                isPin ? LockscreenCredential.createPin(password) :













                       LockscreenCredential.createPasswordOrNone(password)) {













            return resetPasswordInternal(newCredential, tokenHandle, token, flags, caller);













        }















    }

























    private boolean resetPasswordInternal(LockscreenCredential newCredential,













            long tokenHandle, byte[] token, int flags, CallerIdentity caller) {













        final int callingUid = caller.getUid();













        final int userHandle = UserHandle.getUserId(callingUid);















        synchronized (getLockObject()) {















            final PasswordMetrics minMetrics = getPasswordMinimumMetricsUnchecked(userHandle);















            final int complexity = getAggregatedPasswordComplexityLocked(userHandle);