Hotfix heapUseAfterFree in db-create command #5470
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Upon playing around with the
import
anddb-create
commands in the cli,I stumbled over another heap-use-after-free crash after the database has been created.
The crash can be reproduced with compiling the project with the cmake flag
-DWITH_ASAN=ON
and using the cli
db-create
command: e.g../keepassxc-cli db-create -k ~/exampleKeyFile ~/exampleDB
The design problem is described in #5166 and the trouble starts right after the initialization of
currentDatabase
in https://github.com/keepassxreboot/keepassxc/blob/develop/src/cli/Create.cpp#L164
I am aware of this PR #5212 which would address this issue already, however since I'm not sure
about the status, I wanted to propose a quick hotfix.
If the other PR will get merged soon, feel free to close this PR.
cheers!
@phoerious I'm sorry I screwed up the rebase attempt & I created this new PR.
Type of change