Fix heap-use-after-free & error-msg output in keepassxc-cli#5368
Merged
droidmonkey merged 1 commit intokeepassxreboot:release/2.6.2from Sep 5, 2020
Merged
Conversation
droidmonkey
requested changes
Sep 3, 2020
droidmonkey
approved these changes
Sep 4, 2020
c229cd5 to
e6b98a7
Compare
phoerious
added a commit
that referenced
this pull request
Oct 21, 2020
Added - Add option to keep window always on top to view menu [#5542] - Move show/hide usernames and passwords to view menu [#5542] - Add command line options and environment variables for changing the config locations [#5452] - Include TOTP settings in CSV import/export and add support for ISO datetimes [#5346] Changed - Mask sensitive information in command execution confirmation prompt [#5542] - SSH Agent: Avoid shortcut conflict on macOS by changing "Add key" to Ctrl+H on all platforms [#5484] Fixed - Prevent data loss with drag and drop between databases [#5536] - Fix crash when toggling Capslock rapidly [#5545] - Don't mark URL references as invalid URL [#5380] - Reset entry preview after search [#5483] - Set Qt::Dialog flag on database open dialog [#5356] - Fix sorting of database report columns [#5426] - Fix IfDevice matching logic [#5344] - Fix layout issues and a stray scrollbar appearing on top of the entry edit screen [#5424] - Fix tabbing into the notes field [#5424] - Fix password generator ignoring settings on load [#5340] - Restore natural entry sort order on application load [#5438] - Fix paperclip and TOTP columns not saving state [#5327] - Enforce fixed password font in entry preview [#5454] - Add scrollbar when new database wizard exceeds screen size [#5560] - Do not mark database as modified when viewing Auto-Type associations [#5542] - CLI: Fix two heap-use-after-free crashes [#5368,#5470] - Browser: Fix key exchange not working with multiple simultaneous users on Windows [#5485] - Browser: Fix entry retrieval when "only best matching" is enabled [#5316] - Browser: Ignore recycle bin on KeePassHTTP migration [#5481] - KeeShare: Fix import crash [#5542] - macOS: Fix toolbar theming and breadcrumb display issues [#5482] - macOS: Fix file dialog randomly closing [#5479] - macOS: Fix being unable to select OPVault files for import [#5341]
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Proposed fix for #5367
After investigating with AddressSanitizer it seems that
the ~Database destructor is called twice, since the QSharedPointer
variable cmd->currentDatabase & currentDatabase is initialized to
the the same address.
also fixed a issue with the cli unkown command output, since
in case of a wrong command only a "\n" character is appended to the
Utils::STDERR textstream but not flushed & printed.
Upon exitting the shell the stream is flushed and if a bunch of unkown
commands are entered all of them are subsequently printed.
With endl the newline char is appended and the error-message is flushed,
printed and the shell continues.
Testing strategy
Screenshots
Type of change