Keepassxc: Export from Keepass1 .kdb database segfaults
Expected Behavior
When executing keepassxc-cli extract passwords.kdb I would expect the xml data to go to stdout in the same way that keepassxc-cli extract passwords.kdbx does.
Current Behavior
Segmentation fault
Possible Solution
Use the import capability of keepass 1 databases to read the database and export it the same way as the keepass 2 database.
Steps to Reproduce
keepassxc-cli extract passwords.kdb
Context
Looking to automate diversified backups, was hoping to use keepassxc-cli for the purpose of converting keepass 1 databases to xml.
Debug Info
keepassxc-cli -v
2.3.1
(from the Ubuntu 18.04 repos)
Operating system: Ubuntu 18.04.2 LTS
CPU architecture: amd64
Kernel: 4.18.0-15-generic
Enabled extensions:
None that I know of.
pepa65
All 9 comments
Well it shouldn't segfault, that is certainly not desirable behavior.
droidmonkey
on 21 Feb 2019
I think it segfaults on any random file. :-)
pepa65
on 21 Feb 2019
@pepa65 can you try reproducing with the develop branch? The database extraction saw some refactoring happening since 2.3.1. and I was not able to reproduce with a v1 database on 2.4.0
louib
on 22 Feb 2019
@louib Is there an easy way to only build keepassxc-cli? Otherwise I will get mired in Qt5 issues, and the Qt5LinguistTools are not in the normal repos.
EDIT: Sorry, turned out I just needed to install qttools5-dev, libgpg-error-dev, libgcrypt20-dev and libqrencode-dev.
Got it to build, 2.4.0-snapshot, and when I now do keepassxc-cli extract keepass.kdb:
Error while reading the database: The selected file is an old KeePass 1 database (.kdb).
You can import it by clicking on Database > 'Import KeePass 1 database...'.
This is a one-way migration. You won't be able to open the imported database with the old KeePassX 0.4 version.
So indeed, it doesn't segfault anymore, but it is not able to load the v3 Keepass 1.X kdb database file...
pepa65
on 22 Feb 2019
@pepa65 could you try migrating the db with 2.4.0-snapshot and then extracting? Make a backup of the db before please :grimacing:
louib
on 22 Feb 2019
So you're proposing to open the kdb with the GUI, save it as a kdbx, and then open that database with keepassxc-cli? I expect that should work, as there was no problem opening kdbx databases.
That works, the only issue is, after streaming the xml to stdout, it is followed by the string 62;c62;c62;c62;c62;c62;c62;c62;c62;c62;c62;c62;c62;c62;c62;c62;c62;c62;c62;c62;c62;c62;c that is left unentered on the commandline.
pepa65
on 22 Feb 2019
The latest version of the cli throws a well written warning to the user about kdb.
droidmonkey
on 18 Apr 2020
I think it segfaults on any random file. :-)
Has anyone considered fuzz-testing the importer? Might also uncover some vulnerabilities.
wolframroesler
on 18 Apr 2020
@wolframroesler I agree. Fuzz-testing would be relevant for the other CLI commands as well
louib
on 18 Apr 2020
Related issues
clementlesne
路
3Comments
n1trux
路
3Comments
guihkx
路
3Comments
amvasilyev
路
3Comments
bleepnetworks
路
3Comments