Project

General

Profile

Bug #521

Unable to open the database. Entry string key or value missing

Added by Jeff Turner over 2 years ago. Updated over 2 years ago.

Status:
New
Priority:
High
Assignee:
-
Target version:
-
Operating System:
Linux
Affected version:
Affected revision:

Description

I used KeepassX 2.0.2 on Linux. Today I found myself unable to open my main password file, with the unusual error: "Entry string key or value missing". Looking at the source code in src/format/KeePass2XmlReader.cpp:848 (and hacking it slightly to be more specific), this is an XML validity problem. My XML has a <string> node with a <Key>, but no <Value>.

I have a script that takes screenshots of my desktop every minute, so I can provide a screenshot taken seconds before the kdbx was saved (according to its timestamp):

and seconds after:

As you can see, I had created a new folder 'Suits' and added an 'institchu.com' entry. Then somehow I did something that corrupted the database. From memory, all I did was delete the 'Password' field and saved the entry. Somehow that resulted in the entry's <Password> being entirely missing, rather than present but blank.

Sorry, but try as I might, I cannot replicate the corruption. It's something to do with saving Entries. While I can't share the corrupted password file I'm willing to recompile keepassx and run experiments on it.

For now I'm really glad I have backups (ZFS auto-snapshots FTW!)

History

#1 Updated by Jeff Turner over 2 years ago

Redmine file uploads are borked ("Internal Server Error" on upload).

Here is the pre-corruption screenshot:

and post-corruption:

#2 Updated by Florian Geyer over 2 years ago

Could you post the XML for the broken entry?

You can extract the XML with the help of the kdbx-extract tool (it is located in the subfolder "utils" in your build folder).
Usage: kdbx-extract <password/key file> <kdbx file>
The extracted XML will be dumped to stdout.

#3 Updated by Jeff Turner over 2 years ago

Florian Geyer wrote:

Could you post the XML for the broken entry?

You can extract the XML with the help of the kdbx-extract tool (it is located in the subfolder "utils" in your build folder).
Usage: kdbx-extract <password/key file> <kdbx file>
The extracted XML will be dumped to stdout.

My corrupt kdbx requires a keyfile and a password, whereas kdbx-extract only allows one or the other. So I can't use kdbx-extract, but if I add the following to KeePass2XmlReader::readDatabase():

    QByteArray xmlData = device->readAll();
    QTextStream out(stdout);
    out << xmlData.constData() << "\n";

I can view the corrupt XML. It turns out, the last 96 lines of XML are entirely missing. The last few lines are:

                                          <String> 
                                                  <Key>Title</Key>
                                                  <Value>amazon.comj</Value>
                                          </String>
                                          <String> 
                                                  <Key>URL</Key>
                                                  <Value/>
                                          </String>
                                          <String> 
                                                  <Key>UserName</Key>

It just happens to end on a <String> missing a <Value>, hence the error message.

Unfortunately I don't have stdout/stderr from the keepassx that broke, so I've no idea why it failed to write the XML.

It would be nice if KeePassX could log its messages somewhere persistent, so that in cases like mine there is some way to proceed. Apparently newer QTs can log to syslog, and it's possible to redirect qDebug() and friends to a text file in older versions too. See https://www.ics.com/blog/whats-new-qt-560-logging-syslog-and-journald. Is this an option?

Anyhow, I'm happy to close this particular issue if it's a dead end.

#4 Updated by Florian Geyer over 2 years ago

Interesting, i initially thought only a value tag in the Xml was missing.
This indicates an error in some of the layered devices (encryption, hashing, buffering, ...) which for some reason didn't get passed up to the main writer. Hard to tell what happened there.

Ideally an error box should have popped up and no overwriting would haven taken place.

#5 Updated by Jeff Turner over 2 years ago

I don't recall an error box but might have closed it accidentally. Perhaps it was a low memory condition. Anyhow I'll leave it with you - feel free to close if it's essentially non-replicable.

Also available in: Atom PDF