Crash when using the secret service on a secret with a matching entry in the recycle bin #7933

Closed
JGoutin opened this issue Apr 21, 2022 · 11 comments · Fixed by #8021

JGoutin commented Apr 21, 2022

Overview

KeepassXC crashes when using the "Secret Service Integration" in some conditions.

The crash occurs when I try to access a specific secret from Pycharm (But not all secrets, even with Pycharm).

EDIT: In fact, this is because there is a similar entry in the recycle bin (See: #7933 (comment)).

Steps to Reproduce

  1. Open KeepassXC
  2. Open Pycharm (Configured to use "native keychain")
  3. "Git pull" to trigger the access to the Git credentials in the keychain.
  4. KeepassXC crashed

Expected Behavior

KeepassXC does not crash.

Actual Behavior

KeepassXC crashes immediately when accessing the secret.

Context

The issue is with the version 2.7.1, but was not in the 2.6.6 version.
KeepassXC was installed using the OS provided package.
If I reinstall the 2.6.6 version, the crash does not occur.


The secret that always generates the crash looks like (DOMAIN and PASSWORD are replaced values):

  • Entry/Title: IntelliJ Platform Git HTTP — http://DOMAIN@dev.azure.com
  • Entry/Password: http://DOMAIN\@dev.azure.com@PASSWORD
  • Advanced/Additional attributes/account: http://DOMAIN@dev.azure.com
  • Advanced/Additional attributes/service: IntelliJ Platform Git HTTP — http://DOMAIN@dev.azure.com
  • Advanced/Additional attributes/xdg:schema: com.intellij.credentialStore.Credential

This other secret is also used from Pycharm in an equivalent context, but always works as intended (UUID and PASSWORD are replaced values, UUID is a common UUID in standard format):

  • Entry/Title: IntelliJ Platform GitHub — UUID
  • Entry/Password: UUID@PASSWORD
  • Advanced/Additional attributes/account: UUID
  • Advanced/Additional attributes/service: IntelliJ Platform GitHub — UUID
  • Advanced/Additional attributes/xdg:schema: com.intellij.credentialStore.Credential

I get the following debug info (I only put logs that were generated after I triggered the access to the secret):

gdb

Thread 1 "keepassxc" received signal SIGSEGV, Segmentation fault.
FdoSecrets::Item::ensureBackend (this=this@entry=0x0) at /usr/src/debug/keepassxc-2.7.1-2.fc35.x86_64/src/fdosecrets/objects/Item.cpp:341
341             if (!m_backend) {

strace

--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x28} ---
+++ killed by SIGSEGV +++
---

KeePassXC - Version 2.7.1
Revision: 5916a8f

Qt 5.15.2
Debugging mode is disabled.

Operating system: Fedora Linux 35 (Cloud Edition)
CPU architecture: x86_64
Kernel: linux 5.16.20-200.fc35.x86_64

Enabled extensions:

  • Auto-Type
  • Browser Integration
  • SSH Agent
  • KeeShare
  • YubiKey
  • Secret Service Integration

Cryptographic libraries:

  • Botan 2.18.2

Operating System: Linux (Fedora 35)
Desktop Env: KDE
Windowing System: X11

@maximilianovermeyer

KeePassXC seems to crash if a matching item is in the Recycle Bin. Steps to reproduce:

[user@host ~]$ secret-tool store --label='Crashtest' attr1 value1 attr2 value2
Password: 
[user@host ~]$ secret-tool lookup attr1 value1
Abc12345
### at this point, delete the item, but leave it in the recycle bin
[user@host ~]$ secret-tool lookup attr1 value1
secret-tool: Message recipient disconnected from message bus without replying

Author

JGoutin commented Apr 29, 2022

I confirm that there was a matching item in the recycle bin. There is no more crash since I cleared my recycle bin.

JGoutin changed the title from "Crash when using the secret service on specific secret" to "Crash when using the secret service on a secret with a matching entry in the recycle bin" on Apr 29, 2022
droidmonkey added this to the v2.7.2 milestone on Apr 29, 2022
Contributor

Aetf commented Apr 30, 2022

The code already tries to exclude entries from the recycle bin, but it looks like some edge cases slipped through. What is the layout of entries in the recycle bin? Do they directly belong to the recycle bin group, or are there additional subgroups involved?

From a quick glance at the code, it may be the case that entries are only checked for whether their direct parent is the recycle bin.

@JGoutin, I'd love a backtrace when the crash happens (i.e. type bt in the gdb shell).

Note to myself: this might also be the cause of #7850, check if that is the case.


maximilianovermeyer commented Apr 30, 2022

They are directly in the Recycle Bin. They don't have to be that complex, it seems an attribute is enough to lead to the crash:
secret-tool store --label='Crashtest' attr1 value1
Export:
"Root/Recycle Bin","Crashtest","","Abc12345","","","","0","2022-04-30T09:51:37Z","2022-04-30T09:49:44Z"

edit:
Having a second look, it seems like the attributes don't get exported. So the shown export is not really helpful. But the first line is enough to create a problematic entry.

@droidmonkey
Member

The entry class has an isRecycled() method that should be used if not already.

Author

JGoutin commented May 2, 2022

What is the layout of entries in the recycle bin? Do they directly belong to the recycle bin group, or are there additional subgroups involved?

There are no subgroups in my case.

@JGoutin, I'd love a backtrace when the crash happens (i.e. type bt in the gdb shell).

#0  FdoSecrets::Item::ensureBackend (this=this@entry=0x0) at /usr/src/debug/keepassxc-2.7.1-2.fc35.x86_64/src/fdosecrets/objects/Item.cpp:341
#1  0x000055555586df89 in FdoSecrets::Item::locked (this=0x0, client=..., locked=@0x7fffffffcf20: true) at /usr/src/debug/keepassxc-2.7.1-2.fc35.x86_64/src/fdosecrets/objects/Item.cpp:81
#2  0x00005555558615aa in FdoSecrets::Service::searchItems (this=<optimized out>, client=..., attributes=..., unlocked=..., locked=...)
    at /usr/src/debug/keepassxc-2.7.1-2.fc35.x86_64/src/fdosecrets/objects/Service.cpp:262
#3  0x000055555583fff0 in FdoSecrets::Service::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=0x7fffffffd0b0)
    at /usr/src/debug/keepassxc-2.7.1-2.fc35.x86_64/redhat-linux-build/src/fdosecrets/fdosecrets_autogen/64PJ3GCGVF/moc_Service.cpp:243
#4  0x0000555555841621 in FdoSecrets::Service::qt_metacall (this=0x555556185970, _c=QMetaObject::InvokeMetaMethod, _id=18, _a=0x7fffffffd0b0)
    at /usr/src/debug/keepassxc-2.7.1-2.fc35.x86_64/redhat-linux-build/src/fdosecrets/fdosecrets_autogen/64PJ3GCGVF/moc_Service.cpp:340
#5  0x000055555585be06 in FdoSecrets::DBusMgr::deliverMethod (client=..., obj=<optimized out>, method=..., args=..., ret=..., outputArgs=...) at /usr/include/qt5/QtCore/qvarlengtharray.h:190
#6  0x000055555585d92a in FdoSecrets::DBusMgr::activateObject (this=0x55555617f960, client=..., path=..., req=..., msg=...)
    at /usr/src/debug/keepassxc-2.7.1-2.fc35.x86_64/src/fdosecrets/dbus/DBusDispatch.cpp:282
#7  0x000055555585e7b0 in FdoSecrets::DBusMgr::handleMessage (this=this@entry=0x55555617f960, message=...) at /usr/src/debug/keepassxc-2.7.1-2.fc35.x86_64/src/fdosecrets/dbus/DBusDispatch.cpp:197
#8  0x00007ffff708326f in QDBusConnectionPrivate::activateObject (this=0x7fffd8003a00, node=..., msg=..., pathStartPos=24) at qdbusintegrator.cpp:1458
#9  0x00007ffff70859fc in QDBusActivateObjectEvent::placeMetaCall (this=0x555555ca6dd0) at qdbusintegrator.cpp:1617
#10 0x00007ffff6751f49 in QObject::event (this=0x55555617f960, e=0x555555ca6dd0) at kernel/qobject.cpp:1314
#11 0x00007ffff77e6443 in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x55555617f960, e=0x555555ca6dd0) at kernel/qapplication.cpp:3632
#12 0x00007ffff67277d8 in QCoreApplication::notifyInternal2 (receiver=0x55555617f960, event=0x555555ca6dd0) at kernel/qcoreapplication.cpp:1064
#13 0x00007ffff672ad46 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x555555baa350) at kernel/qcoreapplication.cpp:1821
#14 0x00007ffff6779117 in postEventSourceDispatch (s=0x555555c97a20) at kernel/qeventdispatcher_glib.cpp:277
#15 0x00007ffff4fcd0af in g_main_dispatch (context=0x7fffe0005000) at ../glib/gmain.c:3381
#16 g_main_context_dispatch (context=0x7fffe0005000) at ../glib/gmain.c:4099
#17 0x00007ffff5022308 in g_main_context_iterate.constprop.0 (context=context@entry=0x7fffe0005000, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4175
#18 0x00007ffff4fca8a3 in g_main_context_iteration (context=0x7fffe0005000, may_block=1) at ../glib/gmain.c:4240
#19 0x00007ffff6778bb8 in QEventDispatcherGlib::processEvents (this=0x555555c91280, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#20 0x00007ffff67261e2 in QEventLoop::exec (this=this@entry=0x7fffffffd7a0, flags=..., flags@entry=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#21 0x00007ffff672e724 in QCoreApplication::exec () at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#22 0x00005555556070b2 in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/keepassxc-2.7.1-2.fc35.x86_64/src/main.cpp:187

Contributor

Aetf commented May 5, 2022

Thanks for the backtrace. This is indeed #7850. I'll prepare a new PR to fix this.

Contributor

Aetf commented May 6, 2022

Is it the case that both of you configured to expose the root group of the database? @maximilianovermeyer @JGoutin

I'm wondering why entries in the recycle bin are returned by the entry searcher in the first place...

@maximilianovermeyer

For me, yes. It's the default database created by KeePassXC if you haven't got any exposed groups and there is a save request via Secret Service. There is just:
Root
-> Recycle Bin

Contributor

Aetf commented May 6, 2022

I see. That explains it. The entry searcher got confused when the recycle bin is also part of the exposed group.

Author

JGoutin commented May 7, 2022

I confirm that the root group is exposed in my case too.
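
An added example, not KeePassXC's code and not the fix merged in #8021: a simplified C++ model of the failure discussed in this thread, where a search over an exposed group that contains the Recycle Bin matches a recycled entry that has no item object, and the caller then uses the null item (`this=0x0` in the backtrace). It assumes item objects are only created for entries outside the recycle bin; every type and function name except `isRecycled()` is hypothetical, and the sample data is constructed.

```cpp
#include <algorithm>
#include <iostream>
#include <map>
#include <string>
#include <vector>

// Simplified model with hypothetical types; these are not KeePassXC's classes.
struct Group { std::string name; Group* parent; bool isRecycleBin; };

struct Entry {
    std::string title;
    Group* group;
    std::map<std::string, std::string> attrs;
    // Walk every ancestor so entries in subgroups of the bin count as recycled.
    bool isRecycled() const {
        for (const Group* g = group; g != nullptr; g = g->parent)
            if (g->isRecycleBin) return true;
        return false;
    }
    bool has(const std::string& k, const std::string& v) const {
        auto a = attrs.find(k);
        return a != attrs.end() && a->second == v;
    }
};

struct Item { const Entry* entry; };  // stands in for the per-entry D-Bus object
using Items = std::vector<const Item*>;

struct Collection {
    std::vector<const Entry*> entries;   // everything under the exposed group
    std::map<const Entry*, Item> items;  // wrappers exist for live entries only
    void registerItems() {
        for (const Entry* e : entries)
            if (!e->isRecycled()) items.emplace(e, Item{e});
    }
    const Item* itemFor(const Entry* e) const {
        auto it = items.find(e);
        return it == items.end() ? nullptr : &it->second;
    }
    // Unsafe: matches on attributes only, so a recycled entry yields a
    // nullptr that the caller would go on to dereference.
    Items searchUnchecked(const std::string& k, const std::string& v) const {
        Items out;
        for (const Entry* e : entries)
            if (e->has(k, v)) out.push_back(itemFor(e));
        return out;
    }
    // Hardened: skip recycled entries and never return a null wrapper.
    Items searchChecked(const std::string& k, const std::string& v) const {
        Items out;
        for (const Entry* e : entries) {
            if (!e->has(k, v) || e->isRecycled()) continue;
            if (const Item* item = itemFor(e)) out.push_back(item);
        }
        return out;
    }
};

struct Report { std::size_t uncheckedTotal, uncheckedNull, checkedTotal, checkedNull; };
Report runDemo() {
    // Constructed sample: the exposed Root group contains the Recycle Bin.
    Group root{"Root", nullptr, false}, bin{"Recycle Bin", &root, true}, sub{"Old", &bin, false};
    Entry live{"Crashtest", &root, {{"attr1", "value1"}}};
    Entry deleted{"Crashtest", &bin, {{"attr1", "value1"}}};
    Entry nested{"Crashtest", &sub, {{"attr1", "value1"}}};
    Collection c;
    c.entries = {&live, &deleted, &nested};
    c.registerItems();
    const Item* none = nullptr;
    Items u = c.searchUnchecked("attr1", "value1"), s = c.searchChecked("attr1", "value1");
    return {u.size(), (std::size_t)std::count(u.begin(), u.end(), none),
            s.size(), (std::size_t)std::count(s.begin(), s.end(), none)};
}

int main() {
    Report r = runDemo();
    std::cout << r.uncheckedNull << " null of " << r.uncheckedTotal << " unchecked results, "
              << r.checkedNull << " null of " << r.checkedTotal << " checked results\n";
}
```

The unchecked search hands back one null pointer per recycled match; the checked search applies both the `isRecycled()` filter and a null check, so either guard alone would still keep a null item away from the caller.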
