
Side by Side Diff: chrome/browser/password_manager/native_backend_kwallet_x.cc

Issue 7054027: Linux: add a check for suspicious data in KWallet pickles and ignore it. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years, 7 months ago
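--- a/chrome/browser/password_manager/native_backend_kwallet_x.cc
+++ b/chrome/browser/password_manager/native_backend_kwallet_x.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/password_manager/native_backend_kwallet_x.h"
 
 #include <sstream>
 
 #include "base/logging.h"
 #include "base/pickle.h"
@@ -504,20 +504,29 @@
 return;
 }
 
 size_t count = 0;
 if (!pickle.ReadSize(&iter, &count)) {
 LOG(ERROR) << "Failed to deserialize KWallet entry "
 << "(realm: " << signon_realm << ")";
 return;
 }
 
+if (count > 0xFFFF) {
+// Trying to pin down the cause of http://crbug.com/80728 (or fix it).
+// This is a very large number of passwords to be saved for a single realm.
+// It is almost certainly a corrupt pickle and not real data. Ignore it.
+LOG(ERROR) << "Suspiciously large number of entries in KWallet entry "
+<< "(" << count << "; realm: " << signon_realm << ")";
+return;
+}
+
 forms->reserve(forms->size() + count);
 for (size_t i = 0; i < count; ++i) {
 scoped_ptr<PasswordForm> form(new PasswordForm());
 form->signon_realm.assign(signon_realm);
 
 int scheme = 0;
 int64 date_created = 0;
 // Note that these will be read back in the order listed due to
 // short-circuit evaluation. This is important.
 if (!pickle.ReadInt(&iter, &scheme) ||
@@ -599,10 +608,10 @@
 G_TYPE_STRING, kAppId, // appid
 G_TYPE_INVALID,
 G_TYPE_BOOLEAN, &success,
 G_TYPE_INVALID);
 if (CheckError() || !success)
 return kInvalidKWalletHandle;
 }
 
 return handle;
 }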
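Review bot: The added `count > 0xFFFF` guard still lets any corrupt count up to 65535 reach `forms->reserve(forms->size() + count)` before a single entry has been validated, and the limit is an unnamed literal. Since the pickle is read back from KWallet and is not guaranteed intact, I would name the limit, e.g. `const size_t kMaxEntriesPerRealm = 0xFFFF;`, and comment that it is a sanity cap on untrusted data rather than a format limit. The early `return` also appears to leave the caller unable to tell a discarded entry from an empty one; the function's signature and the rest of the loop are outside the visible lines, so this is inferred. If `ReadSize` reads a build-dependent `size_t`, a pickle written by a build with a different width could yield exactly this kind of bogus count, which is worth checking against crbug.com/80728 rather than only masking it here.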