Do not read past ending KeePassFile tag in xml stream

A lightweight and easy-to-use password manager

Brought to you by: dreichl

#126 Do not read past ending KeePassFile tag in xml stream

Milestone: KeePass_2.x

Status: open

Owner: nobody

Labels: None

Priority: 5

Updated: 2022-02-15

Created: 2021-07-27

Creator: gwashburn

Private: No

This patch has the xml reader/parser stop reading from the xml stream once the KeePassFile end tag is found. This allows some databases that have valid xml data followed by garbage bytes to be opened by KeePass. This has been a known issue with the TwofishCipher plugin and conceivably could happen with alternate implementations. Attached is also a KDBX file with Twofish encryption that will successfully open with this patch, but won't without it. For some context see these discussion threads: here and here.

2 Attachments

do-not-read-after-KeePassFile-end-tag.patch

test-fmt4_1.kdbx

Discussion

gwashburn - 2021-07-27

Also, to open the database the TwofishCipher plugin with my patch to not handle padding must be used or a padding exception will be raised.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

:David Campey - 2022-02-15

I can confirm this works for me, thanks.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Do not read past ending KeePassFile tag in xml stream

A lightweight and easy-to-use password manager

Group

Searches

Help

#126 Do not read past ending KeePassFile tag in xml stream

Discussion