From 0e35f8454eb993da74bd4fb5d0c089e068b87cbf Mon Sep 17 00:00:00 2001
From: Jihoon Kim
Date: Thu, 18 Aug 2016 10:40:24 +0900
Subject: [PATCH] edje_entry: Make a result of retrieve_surrounding_cb secure

Summary: Regardless of the password mode of Entry, _edje_entry_imf_retrieve_surrounding_cb alwalys passes plain_text to any callers who register that callback. This commit replace plain text with '*' because current behavior could be a security hole in some case.
Reviewers: woohyun, id213sin, jihoon
Reviewed By: jihoon
Subscribers: cedric, jsuya, z-wony, jpeg
Differential Revision: https://phab.enlightenment.org/D4238
---
 src/lib/edje/edje_entry.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/lib/edje/edje_entry.c b/src/lib/edje/edje_entry.c
index fca05a0ead..dae01925f3 100644
--- a/src/lib/edje/edje_entry.c
+++ b/src/lib/edje/edje_entry.c
@@ -4411,6 +4411,13 @@ _edje_entry_imf_retrieve_surrounding_cb(void *data, Ecore_IMF_Context *ctx EINA_
 if (plain_text)
 {
+ if (ecore_imf_context_input_hint_get(ctx) & ECORE_IMF_INPUT_HINT_SENSITIVE_DATA)
+ {
+ char *itr = NULL;
+ for (itr = plain_text; itr && *itr; ++itr)
+ *itr = '*';
+ }
+
 *text = strdup(plain_text);
 free(plain_text);
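Review bot: The masking in the added `if` is gated only on `ECORE_IMF_INPUT_HINT_SENSITIVE_DATA` of `ctx`, while the commit message describes the leak in terms of the entry's password mode; if a part can be in password mode without that hint set on its IMF context (not visible in this hunk), the callback still hands the plain text to the input method. I would also test the part's own password mode in the same condition, or at least document the assumption with a comment such as `/* password entries are expected to carry the SENSITIVE_DATA hint; mask so the IMF module never receives the secret */`. The loop overwrites bytes rather than characters, so if `plain_text` is UTF-8 a multibyte character turns into several `*` and the masked length no longer matches the character count that the cursor position presumably refers to; masking one `*` per character would keep them aligned. `ctx` appears to carry an `EINA_`-prefixed unused attribute in the truncated hunk header, which should be dropped now that the parameter is read, and the `itr &&` test is redundant inside `if (plain_text)`. The function body starts and ends outside the hunk.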