keyguard: Fix password doesnot sanitize after verification

Add sanitizePassword call after the verification is success so
that the password/pin/pattern goes to default_password. This
will avoid security vulnerability.

Change-Id: I711b9e38e1812bad9fa7ab8d0ab9e35963138a69

2 files changed, 2 insertions, 0 deletions

diff --git a/packages/Keyguard/src/com/android/keyguard/KeyguardAbsKeyInputView.java b/packages/Keyguard/src/com/android/keyguard/KeyguardAbsKeyInputView.java
index b03871a..7fbd658 100644
--- a/packages/Keyguard/src/com/android/keyguard/KeyguardAbsKeyInputView.java
+++ b/packages/Keyguard/src/com/android/keyguard/KeyguardAbsKeyInputView.java
@@ -147,6 +147,7 @@ public abstract class KeyguardAbsKeyInputView extends LinearLayout
 
     private void onPasswordChecked(boolean matched, int timeoutMs, boolean isValidPassword) {
         if (matched) {
+            mLockPatternUtils.sanitizePassword();
             mDismissing = true;
             mCallback.reportUnlockAttempt(true, 0);
             mCallback.dismiss(true);
diff --git a/packages/Keyguard/src/com/android/keyguard/KeyguardPatternView.java b/packages/Keyguard/src/com/android/keyguard/KeyguardPatternView.java
index f40d4fe..446f6c1 100644
--- a/packages/Keyguard/src/com/android/keyguard/KeyguardPatternView.java
+++ b/packages/Keyguard/src/com/android/keyguard/KeyguardPatternView.java
@@ -262,6 +262,7 @@ public class KeyguardPatternView extends LinearLayout implements KeyguardSecurit
 
         private void onPatternChecked(boolean matched, int timeoutMs, boolean isValidPattern) {
             if (matched) {
+                mLockPatternUtils.sanitizePassword();
                 mCallback.reportUnlockAttempt(true, 0);
                 mLockPatternView.setDisplayMode(LockPatternView.DisplayMode.Correct);
                 mCallback.dismiss(true);