Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_base / 174f792e60a24f21371d4536c600f793e3ce3bb5^! / .
commit174f792e60a24f21371d4536c600f793e3ce3bb5[log] [tgz]
authorEric Biggers <ebiggers@google.com>Wed Feb 22 00:28:29 2023 +0000
committerEric Biggers <ebiggers@google.com>Wed Feb 22 17:40:19 2023 +0000
tree31b28317d173175f0bd179810d382801edc2d435
parent8128beb12a6dea98700321a716d7e64105df6536 [diff]
Check for secdiscardable file missing

When trying to unlock a synthetic password protector whose
"secdiscardable" file has gone missing, return an error instead of
throwing a NullPointerException that crashes system_server.

Note, this scenario is not supposed to ever happen, and if it does there
is still no way to unlock the protector.  This change is merely a
robustness improvement to avoid unnecessarily crashing system_server,
not a fix for any actual underlying issue.

Bug: 269567270
Change-Id: If80fef0292d98ac3d53f7c4685afcaf742bbff2e
Merged-In: If80fef0292d98ac3d53f7c4685afcaf742bbff2e
(cherry picked from commit be9e388172d5bf1d90b968f561c05c1e32e4e991)

diff --git a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
index dee26e38..e592a22 100644
--- a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
+++ b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java

@@ -1245,8 +1245,13 @@
                 }
                 sid = sidFromPasswordHandle(pwd.passwordHandle);
             }
-            protectorSecret = transformUnderSecdiscardable(stretchedLskf,
-                    loadSecdiscardable(protectorId, userId));
+            byte[] secdiscardable = loadSecdiscardable(protectorId, userId);
+            if (secdiscardable == null) {
+                Slog.e(TAG, "secdiscardable file not found");
+                result.gkResponse = VerifyCredentialResponse.ERROR;
+                return result;
+            }
+            protectorSecret = transformUnderSecdiscardable(stretchedLskf, secdiscardable);
         }
         // Supplied credential passes first stage weaver/gatekeeper check so it should be correct.
         // Notify the callback so the keyguard UI can proceed immediately.
@@ -1311,6 +1316,11 @@
             byte[] token, int userId) {
         AuthenticationResult result = new AuthenticationResult();
         byte[] secdiscardable = loadSecdiscardable(protectorId, userId);
+        if (secdiscardable == null) {
+            Slog.e(TAG, "secdiscardable file not found");
+            result.gkResponse = VerifyCredentialResponse.ERROR;
+            return result;
+        }
         int slotId = loadWeaverSlot(protectorId, userId);
         if (slotId != INVALID_WEAVER_SLOT) {
             if (!isWeaverAvailable()) {