FormData parser: no confirmation field without new password

This CL teached the FormData -> PasswordForm parser to prevent the
conclusion that there is a confirmation password field on a form which
has no new password field. This state does not correspond to reality.

Therefore this CL adds a DCHECK to verify this and also a sanitization
step for processing the server data.

Bug: 845426
Change-Id: I6ffffb31766f9271f0f8021f3aa249d1ee163730
Reviewed-on: https://chromium-review.googlesource.com/1116920Reviewed-by: Vadym Doroshenko <dvadym@chromium.org>
Commit-Queue: Vaclav Brozek <vabr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#570764}

components/password_manager/core/browser/form_parsing/form_parser.cc

@@ -133,6 +133,8 @@ struct ParseResult {
   const FormFieldData* confirmation_password_field = nullptr;
 
   bool IsEmpty() {
+    DCHECK(!confirmation_password_field || new_password_field)
+        << "There is no password to confirm if there is no new password field.";
     return password_field == nullptr && new_password_field == nullptr;
   }
 };
@@ -179,6 +181,11 @@ std::unique_ptr<ParseResult> ParseUsingPredictions(
         break;
     }
   }
+  // If the server suggests there is a confirmation field but no new password,
+  // something went wrong. Sanitize the result.
+  if (result->confirmation_password_field && !result->new_password_field)
+    result->confirmation_password_field = nullptr;
+
   return result->IsEmpty() ? nullptr : std::move(result);
 }