Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2392)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/password_manager/native_backend_kwallet_x.cc

Issue 7054027: Linux: add a check for suspicious data in KWallet pickles and ignore it. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/password_manager/native_backend_kwallet_x.cc
===================================================================
--- chrome/browser/password_manager/native_backend_kwallet_x.cc (revision 86153)
+++ chrome/browser/password_manager/native_backend_kwallet_x.cc (working copy)
@@ -511,6 +511,15 @@
return;
}
+ if (count > 0xFFFF) {
+ // Trying to pin down the cause of http://crbug.com/80728 (or fix it).
+ // This is a very large number of passwords to be saved for a single realm.
+ // It is almost certainly a corrupt pickle and not real data. Ignore it.
+ LOG(ERROR) << "Suspiciously large number of entries in KWallet entry "
+ << "(" << count << "; realm: " << signon_realm << ")";
+ return;
+ }
+
forms->reserve(forms->size() + count);
for (size_t i = 0; i < count; ++i) {
scoped_ptr<PasswordForm> form(new PasswordForm());
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698