Keepassxc: Database corruption on merging to a locked database

Created on 24 Apr 2018  Â·  7Comments  Â·  Source: keepassxreboot/keepassxc


I just lost my database. Fingers were faster than they should've been, attempted a merge while my db was locked. That just opened the db I'm merging. Manually opening the db I merged into shows it's corrupt.

I guess it was because the db was locked, looking at similar corruption issues in the past. This is the second corruption I had resulting in loss of some data.

Expected Behavior


Merging into locked database should not corrupt it.

Steps to Reproduce (for bugs)


  1. Open database, set to auto lock after delay. Wait for db to be locked.
  2. Select Database -> Merge from KeepassXC database
  3. Poof. DB gets corrupt

Debug Info


KeePassXC - Version 2.3.1
Revision: 2fcaeea

Libraries:

  • Qt 5.10.1
  • libgcrypt 1.8.2

Operating system: Arch Linux
CPU architecture: x86_64
Kernel: linux 4.15.15-1-ARCH

Enabled extensions:

  • Auto-Type
  • Browser Integration
  • Legacy Browser Integration (KeePassHTTP)
  • SSH Agent
  • YubiKey
bug high priority security
Source
picture phanimahesh

Most helpful comment

Or scary.

picture phoerious on 20 May 2018
👍4

All 7 comments

I fixed this in #1219. Unless merging is somehow bypassing the standard save functions. You didn't keep any backups? Were you using kdbx4?

droidmonkey picture droidmonkey on 24 Apr 2018

My backups were stale, I know, stupid stuff, but shit happens. I lost a small fraction of my changes, but among them are a few important ones.

How do I check if I'm using kdbx4? The file has a .kdbx extension

phanimahesh picture phanimahesh on 18 May 2018

If you dont know then you are not using it, it is currently opt-in on the database settings. I'm going to look into this and try to replicate.

droidmonkey picture droidmonkey on 18 May 2018

OK, so I replicated the issue, there is definitely a problem. HOWEVER, the database is NOT CORRUPT. Just uncheck the password checkbox and you will be able to decrypt it. Basically the database gets saved without any password, keyfile, whatever.

This needs to be fixed ASAP.

droidmonkey picture droidmonkey on 18 May 2018
👍2

Whoa!
Turns out both my corrupted databases were saved without encryption. Was able to open them up and merge, but now I have to figure out a way to diff the old versions from the new properly (#1152).

Thanks for investigating the issue. I was able to recover both my "corrupt" databases, since I saved their copies in hopes of cracking the puzzle sometime.

phanimahesh picture phanimahesh on 19 May 2018

Awesome

droidmonkey picture droidmonkey on 19 May 2018

Or scary.

phoerious picture phoerious on 20 May 2018
👍4
Was this page helpful?
0 / 5 - 0 ratings

Related issues

2tbwXj46BDbdNBRV79DS picture 2tbwXj46BDbdNBRV79DS  Â·  3Comments
shaneknysh picture shaneknysh  Â·  3Comments
JosephHatfield picture JosephHatfield  Â·  3Comments
Throne3d picture Throne3d  Â·  3Comments
813gan picture 813gan  Â·  3Comments