keyguard: Fix password doesnot sanitize after verification

Brahmaji K · hyperb1iss · commit cca9cb7a8a64 · 2016-05-21T05:05:57.000-07:00
Add sanitizePassword call after the verification is success so
that the password/pin/pattern goes to default_password. This
will avoid security vulnerability.

Change-Id: I711b9e38e1812bad9fa7ab8d0ab9e35963138a69
diff --git a/packages/Keyguard/src/com/android/keyguard/KeyguardAbsKeyInputView.java b/packages/Keyguard/src/com/android/keyguard/KeyguardAbsKeyInputView.java
@@ -147,6 +147,7 @@ public void onChecked(boolean matched, int timeoutMs) {
 
     private void onPasswordChecked(boolean matched, int timeoutMs, boolean isValidPassword) {
         if (matched) {
+            mLockPatternUtils.sanitizePassword();
             mDismissing = true;
             mCallback.reportUnlockAttempt(true, 0);
             mCallback.dismiss(true);
diff --git a/packages/Keyguard/src/com/android/keyguard/KeyguardPatternView.java b/packages/Keyguard/src/com/android/keyguard/KeyguardPatternView.java
@@ -262,6 +262,7 @@ public void onChecked(boolean matched, int timeoutMs) {
 
         private void onPatternChecked(boolean matched, int timeoutMs, boolean isValidPattern) {
             if (matched) {
+                mLockPatternUtils.sanitizePassword();
                 mCallback.reportUnlockAttempt(true, 0);
                 mLockPatternView.setDisplayMode(LockPatternView.DisplayMode.Correct);
                 mCallback.dismiss(true);
