[Webkit-unassigned] [Bug 18630] New: WebKit r31381 History Data Overwrites ~/Library/Keychains/login.keychain

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Apr 19 16:01:25 PDT 2008


http://bugs.webkit.org/show_bug.cgi?id=18630

           Summary: WebKit r31381 History Data Overwrites
                    ~/Library/Keychains/login.keychain
           Product: WebKit
           Version: 526+ (Nightly build)
          Platform: Macintosh
        OS/Version: Mac OS X 10.5
            Status: UNCONFIRMED
          Severity: Critical
          Priority: P1
         Component: New Bugs
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: galen at zinkconsulting.com


While running WebKit.app nightly build r31381, my login.keychain spontaneously
became corrupt. This was shocking to me, but I assumed it wasn't really related
to WebKit in any way. I immediately made a backup of login.keychain. I then
closed WebKit.app and saved a second copy out.

I was going to simply restore from backup, but the last system backup was
interrupted in process, and thus did not have a usable login.keychain file - a
very unusual and precarious situation. Therefore, I decided to attempt
recovery.

What I found shocked me. A portion of my WebKit history data (around 400K) had
been written atop the beginning of my keychain - the copy saved out before
I quit WebKit. A small excerpt of this is attached below. I do not know if data
was partially or wholly overwritten.

The copy of the keychain made after closing out WebKit was roughly the same
size, but filled with random bytes of information in place of my history. A
sample is also provided below.

This behavior is deeply, deeply disturbing. I never imagined such a disastrous
event could happen. It certainly merits investigation on the part of the
developers, as even a small percentage of users experiencing this scenario
could be a very serious problem.

While I haven't spent enough time reverse-engineering the keychain file format
to fully grasp it, I can definitely say that a portion of my keychain,
particularly the headers which are critical to having a usable keychain file
(and appear to also include some kind of checksum value for the file) have been
overwritten. However, I can also confirm that a large portion of the keychain
data is still intact.

While I realize that Apple is not responsible for the performance of
developmental software like this, I would greatly appreciate it if somebody
over at Apple would put me in touch with a Keychain software engineer who might
provide more information on the file format and/or how I could achieve at least
a partial recovery of the critical contents of my keychain. I have some very
important information in there and was caught at an inopportune time due to my
backup issues.

Snippet of text found at start of login.keychain before closing WebKit:

