Security fix for vulnerability where an app could launch into the screen lock
change dialog without first confirming the existing password/pattern.
Also, make sure that the fragments are launched with the correct corresponding
activity.
Bug:
9858403
Change-Id: I0f2c00a44abeb624c6fba0497bf6036a6f1a4564
<!-- Second and third-level settings -->
-
<!-- Lock screen settings -->
<activity android:name="ConfirmLockPattern"/>
</intent-filter>
</activity>
+ <activity android:name="ChooseLockGeneric$InternalActivity" android:exported="false"
+ android:label="@string/lockpassword_choose_lock_generic_header"
+ android:excludeFromRecents="true"
+ />
+
<activity android:name="ChooseLockPattern" android:exported="false"/>
<activity android:name="ChooseLockPassword" android:exported="false"
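Review bot: The new `ChooseLockGeneric$InternalActivity` entry has no comment saying that `android:exported="false"` is load-bearing. The Java side of this commit honours the `CONFIRM_CREDENTIALS` extra only when the host is `InternalActivity`, so a later edit that adds an intent filter or flips the export flag here would bring back the unconfirmed path. I would add `<!-- Must stay non-exported: only this activity may skip credential confirmation -->` above the entry. The empty `InternalActivity` subclass of `ChooseLockGeneric` should get a one-line Javadoc stating the same invariant.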
return modIntent;
}
+ public static class InternalActivity extends ChooseLockGeneric {
+ }
+
public static class ChooseLockGenericFragment extends SettingsPreferenceFragment {
private static final int MIN_PASSWORD_LENGTH = 4;
private static final String KEY_UNLOCK_BACKUP_INFO = "unlock_backup_info";
// Defaults to needing to confirm credentials
final boolean confirmCredentials = getActivity().getIntent()
.getBooleanExtra(CONFIRM_CREDENTIALS, true);
- mPasswordConfirmed = !confirmCredentials;
+ if (getActivity() instanceof ChooseLockGeneric.InternalActivity) {
+ mPasswordConfirmed = !confirmCredentials;
+ }
if (savedInstanceState != null) {
mPasswordConfirmed = savedInstanceState.getBoolean(PASSWORD_CONFIRMED);
}
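Review bot: For any host other than `InternalActivity`, `mPasswordConfirmed` is no longer assigned here and keeps whatever the field declaration gives it, which is not visible in this hunk. The fix is only correct if that value is `false`, so I would make the assignment explicit: `mPasswordConfirmed = (getActivity() instanceof ChooseLockGeneric.InternalActivity) && !confirmCredentials;`. The `savedInstanceState` restore that follows still takes precedence as before. The enclosing method starts and ends outside the hunk.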
private Intent getBiometricSensorIntent() {
- Intent fallBackIntent = new Intent().setClass(getActivity(), ChooseLockGeneric.class);
+ Intent fallBackIntent = new Intent().setClass(getActivity(),
+ ChooseLockGeneric.InternalActivity.class);
fallBackIntent.putExtra(LockPatternUtils.LOCKSCREEN_BIOMETRIC_WEAK_FALLBACK, true);
fallBackIntent.putExtra(CONFIRM_CREDENTIALS, false);
fallBackIntent.putExtra(EXTRA_SHOW_FRAGMENT_TITLE,
super.onCreate(savedInstanceState);
mLockPatternUtils = new LockPatternUtils(getActivity());
Intent intent = getActivity().getIntent();
+ if (!(getActivity() instanceof ChooseLockPassword)) {
+ throw new SecurityException("Fragment contained in wrong activity");
+ }
mRequestedQuality = Math.max(intent.getIntExtra(LockPatternUtils.PASSWORD_TYPE_KEY,
mRequestedQuality), mLockPatternUtils.getRequestedPasswordQuality());
mPasswordMinLength = Math.max(
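Review bot: The host check runs only after `new LockPatternUtils(getActivity())` and `getIntent()` have executed, so part of the fragment's setup still happens inside a wrong host before the `SecurityException` is thrown. Moving the `instanceof ChooseLockPassword` guard to directly after `super.onCreate(savedInstanceState)` makes the fragment fail before doing anything else. The same applies to the `ChooseLockPattern` check, which sits after `new ChooseLockSettingsHelper(getActivity())`. A short comment on each guard, for example `// Refuse to run when hosted by any activity other than our own`, would record why it exists. This `onCreate` continues past the end of the hunk.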
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
mChooseLockSettingsHelper = new ChooseLockSettingsHelper(getActivity());
+ if (!(getActivity() instanceof ChooseLockPattern)) {
+ throw new SecurityException("Fragment contained in wrong activity");
+ }
}
@Override
topLayout.setDefaultTouchRecepient(mLockPatternView);
final boolean confirmCredentials = getActivity().getIntent()
- .getBooleanExtra("confirm_credentials", false);
+ .getBooleanExtra("confirm_credentials", true);
if (savedInstanceState == null) {
if (confirmCredentials) {