edje_entry: Make a result of retrieve_surrounding_cb secure
author Jihoon Kim <jihoon48.kim@samsung.com>
Thu, 18 Aug 2016 01:40:24 +0000 (10:40 +0900)
committer Jihoon Kim <jihoon48.kim@samsung.com>
Thu, 18 Aug 2016 01:40:24 +0000 (10:40 +0900)
Summary:
Regardless of the password mode of Entry,
_edje_entry_imf_retrieve_surrounding_cb always passes plain_text
to any callers who register that callback.

This commit replaces plain text with '*'
because current behavior could be a security hole in some cases.

Reviewers: woohyun, id213sin, jihoon

Reviewed By: jihoon

Subscribers: cedric, jsuya, z-wony, jpeg

Differential Revision: https://phab.enlightenment.org/D4238

src/lib/edje/edje_entry.c

index fca05a0..dae0192 100644 (file)
@@ -4411,6 +4411,13 @@ _edje_entry_imf_retrieve_surrounding_cb(void *data, Ecore_IMF_Context *ctx EINA_
 
              if (plain_text)
                {
+                  if (ecore_imf_context_input_hint_get(ctx) & ECORE_IMF_INPUT_HINT_SENSITIVE_DATA)
+                    {
+                       char *itr = NULL;
+                       for (itr = plain_text; itr && *itr; ++itr)
+                         *itr = '*';
+                    }
+
                   *text = strdup(plain_text);
 
                   free(plain_text);
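
Review bot: The masking condition `ecore_imf_context_input_hint_get(ctx) & ECORE_IMF_INPUT_HINT_SENSITIVE_DATA` keys on the IMF input hint, while the commit message frames the problem around the entry's password mode; nothing in this hunk shows that the hint is always set when the entry is in password mode, so either check the password-mode state here as well or add a comment pointing to where the hint is guaranteed to be set. Two smaller points in the loop: `itr &&` is redundant inside `if (plain_text)`, and the replacement is per byte, so a multi-byte character turns into several '*' and the returned string still discloses the byte length of the secret. If callers of this callback do not need the length, returning an empty string would disclose less; if they do, a short comment saying why the length is preserved would help the next reader.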