Crash if I click reopen database repeatedly from browser plugin

[Hugo-Leung]

Overview

KeePassXC would crash if I click the reopen database button in the browser plugin while KeePassXC is already decrypting the database.

Steps to Reproduce

1. Set a large number of transform rounds
2. Click reopen database on browser plug in
3. enter master password
4. Click reopen database again while KeePassXC is decrypting

Expected Behavior

The second reopen database command should be ignored

Actual Behavior

Crash with error

Context

I have also seen similar errors when exiting the application, similar to #7543. But the crash on exit seems to be more random, I have yet to find a reliable way the reproduce that.

KeePassXC - 2.7.6
Revision: dd21def

Operating System: Windows 11 Version 2009

[varjolintu]

For me it crashes here: https://github.com/keepassxreboot/keepassxc/blob/develop/src/core/Database.cpp#L821. Can anyone else reproduce this?

Maybe we are not prepared for a situation where multiple unlocks can happen simultaneously. Database class has a QMutex for saving operations. Maybe something similar could be done for database opening, but on global level. We could add some checks to BrowserService but it only fixes the problem on that end.

[droidmonkey]

This is likely happening because the temporary Database instance in the unlock dialog is blown away once the database is actually unlocked. There are supposed to be safe guards to prevent that, but the browser service might be bypassing them using internal calls.