Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix freeze and high CPU usage on invalid STDIN data #1628

Merged
merged 1 commit into from
Mar 6, 2018

Conversation

phoerious
Copy link
Member

Description

Fixes a freeze and high CPU usage when provided with invalid STDIN data and/or a wrong database filename.
Resolves #1620

How has this been tested?

Manually. The reproduction examples in #1620 don't freeze KeePassXC anymore.

Types of changes

  • ✅ Bug fix (non-breaking change which fixes an issue)

Checklist:

  • ✅ I have read the CONTRIBUTING document. [REQUIRED]
  • ✅ My code follows the code style of this project. [REQUIRED]
  • ✅ All new and existing tests passed. [REQUIRED]
  • ✅ I have compiled and verified my code with -DWITH_ASAN=ON. [REQUIRED]

@phoerious phoerious added this to the v2.3.1 milestone Mar 4, 2018
@phoerious phoerious requested a review from a team March 4, 2018 22:59
@phoerious phoerious force-pushed the hotfix/1620-native-messaging-lockup branch from d03d816 to 2f5357d Compare March 4, 2018 23:03
Copy link
Member

@droidmonkey droidmonkey left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See comment

arr.append(static_cast<char>(c));
}

if (arr.length() > 0) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't we lock at the beginning of the function or the beginning of the sendReply function?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why lock the mutex at the beginning when the first time any members (that need locking) are used is at this point?

Copy link
Member Author

@phoerious phoerious Mar 6, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I didn't change anything here, but yes, it's weird.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So, I had a quick look at it. On *nix it should be perfectly safe to remove the mutex, but on Windows, there is a weird mix of threads and signal/slot connections. I don't have the time right now to investigate where it's really needed and where it isn't. I'd prefer we just leave it as is for now.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Defer to the 2.4 epic to cleanup this code

@phoerious phoerious force-pushed the hotfix/1620-native-messaging-lockup branch from 2f5357d to e78fb78 Compare March 6, 2018 19:09
@phoerious phoerious merged commit 63a17f6 into release/2.3.1 Mar 6, 2018
@phoerious phoerious deleted the hotfix/1620-native-messaging-lockup branch March 6, 2018 20:55
phoerious added a commit that referenced this pull request Mar 6, 2018
- Fix unnecessary automatic upgrade to KDBX 4.0 and prevent challenge-response key being stripped [#1568]
- Abort saving and show an error message when challenge-response fails [#1659]
- Support inner stream protection on all string attributes [#1646]
- Fix favicon downloads not finishing on some websites [#1657]
- Fix freeze due to invalid STDIN data [#1628]
- Correct issue with encrypted RSA SSH keys [#1587]
- Fix crash on macOS due to QTBUG-54832 [#1607]
- Show error message if ssh-agent communication fails [#1614]
- Fix --pw-stdin and filename parameters being ignored [#1608]
- Fix Auto-Type syntax check not allowing spaces and special characters [#1626]
- Fix reference placeholders in combination with Auto-Type [#1649]
- Fix qtbase translations not being loaded [#1611]
- Fix startup crash on Windows due to missing SVG libraries [#1662]
- Correct database tab order regression [#1610]
- Fix GCC 8 compilation error [#1612]
- Fix copying of advanced attributes on KDE [#1640]
- Fix member initialization of CategoryListWidgetDelegate [#1613]
- Fix inconsistent toolbar icon sizes and provide higher-quality icons [#1616]
- Improve preview panel geometry [#1609]
@phoerious phoerious added pr: bugfix Pull request that fixes a bug and removed bug labels Nov 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature: Browser pr: bugfix Pull request that fixes a bug
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants