After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 694787 - Can't handle empty string secrets
Can't handle empty string secrets
Status: RESOLVED FIXED
Product: libsecret
Classification: Other
Component: General
unspecified
Other Linux
: Normal normal
: ---
Assigned To: libsecret maintainer(s)
libsecret maintainer(s)
Depends on:
Blocks: 679918
 
 
Reported: 2013-02-27 08:50 UTC by Claudio Saavedra
Modified: 2013-03-04 07:42 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
secret-value: allow empty strings (813 bytes, patch)
2013-02-27 09:19 UTC, Claudio Saavedra 		none Details | Review
secret-value: allow empty strings (2.73 KB, patch)
2013-03-04 06:49 UTC, Stef Walter 		committed Details | Review

Description Claudio Saavedra 2013-02-27 08:50:59 UTC 
This trace suggests that we're receiving an empty string as a secret from the secret service and that secret_value_new_full() is failing because of that.

(gdb) bt

+ Trace 231577

  • #0 g_logv
    at gmessages.c line 981
  • #1 g_log
    at gmessages.c line 1010
  • #2 g_return_if_fail_warning
    at gmessages.c line 1019
  • #3 secret_value_new_full
    at secret-value.c line 135
  • #4 service_decode_aes_secret
    at secret-session.c line 448
  • #5 _secret_session_decode_secret
    at secret-session.c line 504
  • #6 on_item_load_secret
    at secret-item.c line 1159
  • #7 g_simple_async_result_complete
    at gsimpleasyncresult.c line 777
  • #8 reply_cb
    at gdbusproxy.c line 2632
  • #9 g_simple_async_result_complete
    at gsimpleasyncresult.c line 777
  • #10 g_dbus_connection_call_done
    at gdbusconnection.c line 5339
  • #11 g_simple_async_result_complete
    at gsimpleasyncresult.c line 777
  • #12 complete_in_idle_cb
    at gsimpleasyncresult.c line 789
  • #13 g_main_dispatch
    at gmain.c line 3054
  • #14 g_main_context_dispatch
    at gmain.c line 3630
  • #15 g_main_context_iterate
    at gmain.c line 3701
  • #16 g_main_loop_run
    at gmain.c line 3895
  • #17 secret_item_load_secret_sync
    at secret-item.c line 1312 






Comment 1


Claudio Saavedra





          2013-02-27 09:19:12 UTC
        



Created attachment 237504 [details] [review]
secret-value: allow empty strings

Passwords and other secrets are allowed to be empty strings, therefore
the check for length != 0 is wrong.






Comment 2


Stef Walter





          2013-03-04 06:49:55 UTC
        



Created attachment 237931 [details] [review]
secret-value: allow empty strings

Passwords and other secrets are allowed to be empty strings, therefore
the check for length != 0 is wrong.

Add tests for empty SecretValue contents.






Comment 3


Stef Walter





          2013-03-04 06:50:37 UTC
        



Thanks for catching that. How does the attached patch look? If it checks out, please go ahead and push it.






Comment 4


Claudio Saavedra





          2013-03-04 07:41:57 UTC
        



Attachment 237931 [details] pushed as ab239c7 - secret-value: allow empty strings