From 547c246e8872d90daf2b09de58a4913bb5d66a7e Mon Sep 17 00:00:00 2001 From: James Ring Date: Tue, 3 Sep 2019 05:50:44 -0700 Subject: [PATCH] Additional database file checks in cli/Utils.unlockDatabase Avoids prompting the user for a password if unlocking is likely to fail due to some problem with the database file (i.e. not found, not a file, not readable). Add unit tests. --- src/cli/Utils.cpp | 17 +++++++++++++++++ tests/TestCli.cpp | 35 +++++++++++++++++++++++++++++++++++ tests/TestCli.h | 1 + 3 files changed, 53 insertions(+) diff --git a/src/cli/Utils.cpp b/src/cli/Utils.cpp index a23f872fd..b312dbef3 100644 --- a/src/cli/Utils.cpp +++ b/src/cli/Utils.cpp @@ -24,6 +24,7 @@ #include #endif +#include #include #include @@ -108,6 +109,22 @@ namespace Utils TextStream out(outputDescriptor); TextStream err(errorDescriptor); + QFileInfo dbFileInfo(databaseFilename); + if (dbFileInfo.canonicalFilePath().isEmpty()) { + err << QObject::tr("Failed to open database file %1: not found").arg(databaseFilename) << endl; + return {}; + } + + if (!dbFileInfo.isFile()) { + err << QObject::tr("Failed to open database file %1: not a plain file").arg(databaseFilename) << endl; + return {}; + } + + if (!dbFileInfo.isReadable()) { + err << QObject::tr("Failed to open database file %1: not readable").arg(databaseFilename) << endl; + return {}; + } + if (isPasswordProtected) { out << QObject::tr("Insert password to unlock %1: ").arg(databaseFilename) << flush; QString line = Utils::getPassword(outputDescriptor); diff --git a/tests/TestCli.cpp b/tests/TestCli.cpp index d51f90d03..0b7de14e7 100644 --- a/tests/TestCli.cpp +++ b/tests/TestCli.cpp @@ -1409,3 +1409,38 @@ void TestCli::testShow() QCOMPARE(m_stdoutFile->readAll(), QByteArray("")); QCOMPARE(m_stderrFile->readAll(), QByteArray("Entry with path /Sample Entry has no TOTP set up.\n")); } + +void TestCli::testInvalidDbFiles() +{ + Show showCmd; + QString nonExistentDbPath("/foo/bar/baz"); + QString directoryName("/"); + + qint64 pos = m_stderrFile->pos(); + showCmd.execute({"show", nonExistentDbPath, "-q", "/Sample Entry"}); + m_stderrFile->seek(pos); + QCOMPARE(QString(m_stderrFile->readAll()), + QObject::tr("Failed to open database file %1: not found").arg(nonExistentDbPath) + "\n"); + + pos = m_stderrFile->pos(); + showCmd.execute({"show", directoryName, "-q", "whatever"}); + m_stderrFile->seek(pos); + QCOMPARE(QString(m_stderrFile->readAll()), + QObject::tr("Failed to open database file %1: not a plain file").arg(directoryName) + "\n"); + + // Create a write-only file and try to open it. + // QFileInfo.isReadable returns 'true' on Windows, even after the call to + // setPermissions(WriteOwner) and with NTFS permissions enabled, so this + // check doesn't work. +#if !defined(Q_OS_WIN) + QTemporaryFile tempFile; + QVERIFY(tempFile.open()); + QString path = QFileInfo(tempFile).absoluteFilePath(); + QVERIFY(tempFile.setPermissions(QFileDevice::WriteOwner)); + pos = m_stderrFile->pos(); + showCmd.execute({"show", path, "some entry"}); + m_stderrFile->seek(pos); + QCOMPARE(QString(m_stderrFile->readAll()), + QObject::tr("Failed to open database file %1: not readable").arg(path) + "\n"); +#endif // Q_OS_WIN +} diff --git a/tests/TestCli.h b/tests/TestCli.h index c012fc807..a313fe224 100644 --- a/tests/TestCli.h +++ b/tests/TestCli.h @@ -63,6 +63,7 @@ private slots: void testRemove(); void testRemoveQuiet(); void testShow(); + void testInvalidDbFiles(); private: QByteArray m_dbData;