diff --git a/mobile/android/base/sync/repositories/android/PasswordsRepositorySession.java b/mobile/android/base/sync/repositories/android/PasswordsRepositorySession.java index d40e5e387b8..e7f41a453a1 100644 --- a/mobile/android/base/sync/repositories/android/PasswordsRepositorySession.java +++ b/mobile/android/base/sync/repositories/android/PasswordsRepositorySession.java @@ -327,6 +327,13 @@ public class PasswordsRepositorySession extends } // End deletion logic. + // Validate the incoming record. + if (!remoteRecord.isValid()) { + Logger.warn(LOG_TAG, "Incoming record is invalid. Reporting store failed."); + delegate.onRecordStoreFailed(new RuntimeException("Can't store invalid password record."), record.guid); + return; + } + // Now we're processing a non-deleted incoming record. if (existingRecord == null) { trace("Looking up match for record " + remoteRecord.guid); diff --git a/mobile/android/base/sync/repositories/domain/PasswordRecord.java b/mobile/android/base/sync/repositories/domain/PasswordRecord.java index 6eecb79581c..4a0d32be2f3 100644 --- a/mobile/android/base/sync/repositories/domain/PasswordRecord.java +++ b/mobile/android/base/sync/repositories/domain/PasswordRecord.java @@ -181,4 +181,25 @@ public class PasswordRecord extends Record { + "timePasswordChanged: " + this.timePasswordChanged + ", " + "timesUsed: " + this.timesUsed; } + + /** + * A PasswordRecord is considered valid if it abides by the database + * constraints of the PasswordsProvider (moz_logins). + * + * See toolkit/components/passwordmgr/storage-mozStorage.js for the + * definitions: + * + * http://hg.mozilla.org/mozilla-central/file/00955d61cc94/toolkit/components/passwordmgr/storage-mozStorage.js#l98 + */ + public boolean isValid() { + if (this.deleted) { + return true; + } + + return this.hostname != null && + this.encryptedUsername != null && + this.encryptedPassword != null && + this.usernameField != null && + this.passwordField != null; + } }