Bug 18630

Summary: WebKit r31381 History Data Overwrites ~/Library/Keychains/login.keychain
Product: WebKit Reporter: Galen Zink <galen>
Component: New BugsAssignee: Nobody <webkit-unassigned>
Status: UNCONFIRMED    
Severity: Critical CC: abode0820, davidlee54498, dr3359516, ngockhanhlam87
Priority: P1    
Version: 528+ (Nightly build)   
Hardware: Mac   
OS: OS X 10.5   
Attachments:
Description Flags
Excerpts from start of login.keychain none

Galen Zink
Reported 2008-04-19 16:01:25 PDT
While running WebKit.app nightly build r31381, my login.keychain spontaneously became corrupt. This was shocking to me, but I assumed it wasn't really related to WebKit in any way. I immediately made a backup of login.keychain. I then closed WebKit.app and saved a second copy out. I was going to simply restore from backup, but the last system backup was interrupted in process, and thus did not have a usable login.keychain file - a very unusual and precarious situation. Therefore, I decided to attempt recovery. What I found shocked me. A portion of my WebKit history data (around 400K) had been written atop the beginning of the my keychain - the copy saved out before I quit WebKit. A small excerpt of this is attached below. I do not know if data was partially or wholly overwritten. The copy of the keychain made after closing out WebKit was roughly the same size, but filled with random bytes of information in place of my history. A sample is also provided below. This behavior is deeply, deeply disturbing. I never imagined such a disastrous event could happen. It certainly merits investigation on the part of the developers, as even a small percentage of users experiencing this scenario could be a very serious problem. While I haven't spent enough time reverse-engineering the keychain file format to fully grasp it, I can definitely say that a portion of my keychain, particularly the headers which are critical to having a usable keychain file (and appear to also include some kind of checksum value for the file) have been overwritten. However, I can also confirm that a large portion of the keychain data is still intact. While I realize that Apple is not responsible for the performance of developmental software like this, I would greatly appreciate it if somebody over at Apple would put me in touch with a Keychain software engineer who might provide more information on the file format and/or how I could achieve at least a partial recovery of the critical contents of my keychain. I have some very important information in there and was caught at an inopportune time due to my backup issues. Snippet of text found at start of login.keychain before closing WebKit:
Attachments
Excerpts from start of login.keychain (2.27 KB, text/plain)
2008-04-19 16:05 PDT, Galen Zink 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Galen Zink
Comment 1 2008-04-19 16:05:06 PDT
Created attachment 20693 [details] Excerpts from start of login.keychain I attempted to copy and paste the excerpts to the body of the bug report, but the characters appeared to cause those portions of the message to be truncated. I have re-attached as a text file.
Mark Rowe (bdash)
Comment 2 2008-04-19 18:14:59 PDT
I would suggest that you file a bug report at http://bugreport.apple.com/. WebKit itself doesn't write to the keychain -- that happens from Safari and other system frameworks that WebKit uses. There doesn't seem to be much to investigate from a WebKit angle here.
andrea holly
Comment 3 2015-05-13 12:42:12 PDT
Comment on attachment 20693 [details] Excerpts from start of login.keychain >Pre closing webkit, excerpt from start of login.keychain: >structure for a Dynamic World[228351631.7_HCitrix Systems - Application Delivery Infrastructure for a Dynamic World_http://www.citrix.com/â÷i_i`i_ia_citrix - Google Search[228351616.0_qhttp://www.google.com/search?hl=en&client=safari&rls=en-us&sa=X&oi=spell&resnum=0&ct=result&cd=1&q=citrix&spell=1â÷icidicie_cirtix - Google Search[228351613.4_7http://www.google.com/search?q=cirtix&ie=UTF-8&oe=UTF-8â÷igihigii_5Doomsday fears spark lawsuit - Cosmic Log - msnbc.com[228351293.7_=http://cosmiclog.msnbc.msn.com/archive/2008/03/27/823924.aspxâ÷ikilikim_canon 40D - Google Search[228349384.1_:http://www.google.com/search?q=canon+40D&ie=UTF-8&oe=UTF-8â÷ioipioiq_&Sony Handycam HDR-SR12 - Google Search[228349382.0_Ghttp://www.google.com/search?q=Sony+Handycam+HDR-SR12&ie=UTF-8&oe=UTF-8â÷isitisiu_%Sony Electronics News and Information[228347104.0_ähttp://news.sel.sony.com/en/image_library/images/small/consumer/digital_imaging/camcorders/high_definition/detail?archive=0&asset_id=32332â÷isiwisix[228347058.8_ > >Post closing webkit, from start of login.keychain: >©¶ÃÃEà DPºOÃâºÂ»Â¶A<𤋮0´3CÃ"WâúâÃ3}<,Aâcââ¥Â´ËÃQätÂ¥,ââ«Î©}âÃ0ÅòH(7ÃÃ¥â¤Ãl(ÃÆòà*ÃçïÃjôà ËÃââ(¿¨$ËEbö#â¬|âìãúvzÃ%bauΩçÅü@ââ@â°%ñà >ûaèrB0vZ®Câ¢$'Sª3 »ŸüùÃÃÃ¥`fVï¬Ã¹nü¸¯«.ï¬ËÃ}ÃÅøÃEâ¢ï¬}@ââ¤Ëâ¢CÃÃVË5G¢ãp1%ÃmÃVÃULozp=ïá´.ÏâãË?Ë ÃTLXR£Ã,[5òËsí¬âËíâ¦c&⯥àË,âsd±Ã21g3tT,ÃM=Z4âxT ^Ã:nµÃ¢d4»LKå·ÃàâZdÃisºÃt=#·ÿ©â AΩâ«Ã4õXzHL!ÃÅÃMÃñ&âS@õâ¸âIJââú·â¡~2ãäéE`·$â¤Ã¢Â±Ã3ââ¦Uâê¬Åle¶â¢1`îÃ"XÃGâñôñnc4â¯Ã9â¬â¹âñÃï¬Â¬âL&u4^sâÃâË67ÃNÃ.Ëçaà >sÆËaâ¹Â¿ ÃmÆüqÃEÃx*JEº.â¦ÅbıpjyKÃU9ï¬Ã§Ã=t¿¥R«±Q¨£^â°2â°Ã³vNâÃΩñ >ì¨7I/·âÃâ°@@)âÃÅT«âíPYÃÃúîâ¦ÃÃYG9ÃHG¡´Ã¨ÃŸââ¤\M¶Ãiâ¥ÃÃqÃïÃÃÿVâ gCï¬ââùâñÃ9â^ÃÃugm±/⹠ü-ŸËÃ7â¢~m >â°!Ã9®åËËáôcLªÃÃ"ÃâeÃâ¡Î©Ã»Â
Andrew C McCoy
Comment 4 2016-11-18 00:16:53 PST
Comment on attachment 20693 [details] Excerpts from start of login.keychain What does this mean??
Ramsa
Comment 6 2022-03-12 22:22:24 PST
Comment on attachment 20693 [details] Excerpts from start of login.keychain Ramsa
denis65
Comment 7 2023-11-23 05:11:06 PST
Comment on attachment 20693 [details] Excerpts from start of login.keychain >Pre closing webkit, excerpt from start of login.keychain: >structure for a Dynamic World[228351631.7_HCitrix Systems - Application Delivery Infrastructure for a Dynamic World_http://www.citrix.com/â÷i_i`i_ia_citrix - Google Search[228351616.0_qhttp://www.google.com/search?hl=en&client=safari&rls=en-us&sa=X&oi=spell&resnum=0&ct=result&cd=1&q=citrix&spell=1â÷icidicie_cirtix - Google Search[228351613.4_7http://www.google.com/search?q=cirtix&ie=UTF-8&oe=UTF-8â÷igihigii_5Doomsday fears spark lawsuit - Cosmic Log - msnbc.com[228351293.7_=http://cosmiclog.msnbc.msn.com/archive/2008/03/27/823924.aspxâ÷ikilikim_canon 40D - Google Search[228349384.1_:http://www.google.com/search?q=canon+40D&ie=UTF-8&oe=UTF-8â÷ioipioiq_&Sony Handycam HDR-SR12 - Google Search[228349382.0_Ghttp://www.google.com/search?q=Sony+Handycam+HDR-SR12&ie=UTF-8&oe=UTF-8â÷isitisiu_%Sony Electronics News and Information[228347104.0_ähttp://news.sel.sony.com/en/image_library/images/small/consumer/digital_imaging/camcorders/high_definition/detail?archive=0&asset_id=32332â÷isiwisix[228347058.8_ > >Post closing webkit, from start of login.keychain: >©¶ÃÃEà DPºOÃâºÂ»Â¶A<𤋮0´3CÃ"WâúâÃ3}<,Aâcââ¥Â´ËÃQätÂ¥,ââ«Î©}âÃ0ÅòH(7ÃÃ¥â¤Ãl(ÃÆòà*ÃçïÃjôà ËÃââ(¿¨$ËEbö#â¬|âìãúvzÃ%bauΩçÅü@ââ@â°%ñà >ûaèrB0vZ®Câ¢$'Sª3 »ŸüùÃÃÃ¥`fVï¬Ã¹nü¸¯«.ï¬ËÃ}ÃÅøÃEâ¢ï¬}@ââ¤Ëâ¢CÃÃVË5G¢ãp1%ÃmÃVÃULozp=ïá´.ÏâãË?Ë ÃTLXR£Ã,[5òËsí¬âËíâ¦c&⯥àË,âsd±Ã21g3tT,ÃM=Z4âxT ^Ã:nµÃ¢d4»LKå·ÃàâZdÃisºÃt=#·ÿ©â AΩâ«Ã4õXzHL!ÃÅÃMÃñ&âS@õâ¸âIJââú·â¡~2ãäéE`·$â¤Ã¢Â±Ã3ââ¦Uâê¬Åle¶â¢1`îÃ"XÃGâñôñnc4â¯Ã9â¬â¹âñÃï¬Â¬âL&u4^sâÃâË67ÃNÃ.Ëçaà >sÆËaâ¹Â¿ ÃmÆüqÃEÃx*JEº.â¦ÅbıpjyKÃU9ï¬Ã§Ã=t¿¥R«±Q¨£^â°2â°Ã³vNâÃΩñ >ì¨7I/·âÃâ°@@)âÃÅT«âíPYÃÃúîâ¦ÃÃYG9ÃHG¡´Ã¨ÃŸââ¤\M¶Ãiâ¥ÃÃqÃïÃÃÿVâ gCï¬ââùâñÃ9â^ÃÃugm±/⹠ü-ŸËÃ7â¢~m >â°!Ã9®åËËáôcLªÃÃ"ÃâeÃâ¡Î©Ã»Â
Note You need to log in before you can comment on or make changes to this bug.