From f80e66ce9a57c4d3abf97e582c89292623b3904d Mon Sep 17 00:00:00 2001 From: Adrian Roos Date: Thu, 15 Jan 2015 23:27:24 +0100 Subject: Ensure new credentails are valid Follow-up to I6f369eb60f8f6bb1e33384cd06534c713ab52e79 Bug: 18931518 Change-Id: I311b255a034b0cec8fee70b0f4938e6ebb20d95e --- .../com/android/internal/widget/LockPatternUtils.java | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'core/java/com') diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java index ec01703..4719af1 100644 --- a/core/java/com/android/internal/widget/LockPatternUtils.java +++ b/core/java/com/android/internal/widget/LockPatternUtils.java @@ -100,6 +100,11 @@ public class LockPatternUtils { public static final int MIN_LOCK_PATTERN_SIZE = 4; /** + * The minimum size of a valid password. + */ + public static final int MIN_LOCK_PASSWORD_SIZE = 4; + + /** * The minimum number of dots the user must include in a wrong pattern * attempt for it to be counted against the counts that affect * {@link #FAILED_ATTEMPTS_BEFORE_TIMEOUT} and {@link #FAILED_ATTEMPTS_BEFORE_RESET} @@ -489,8 +494,9 @@ public class LockPatternUtils { */ public void saveLockPattern(List pattern, int userId) { try { - if (pattern == null) { - throw new IllegalArgumentException("pattern must not be null"); + if (pattern == null || pattern.size() < MIN_LOCK_PATTERN_SIZE) { + throw new IllegalArgumentException("pattern must not be null and at least " + + MIN_LOCK_PATTERN_SIZE + " dots long."); } getLockSettings().setLockPattern(patternToString(pattern), userId); @@ -701,8 +707,9 @@ public class LockPatternUtils { public void saveLockPassword(String password, int quality, int userHandle) { try { DevicePolicyManager dpm = getDevicePolicyManager(); - if (TextUtils.isEmpty(password)) { - throw new IllegalArgumentException("password must not be null nor empty"); + if (password == null || password.length() < MIN_LOCK_PASSWORD_SIZE) { + throw new IllegalArgumentException("password must not be null and at least " + + "of length " + MIN_LOCK_PASSWORD_SIZE); } getLockSettings().setLockPassword(password, userHandle); -- cgit v1.1