Bug 126745 - stored PASSWORD IS revealed using find in konqueror

Bug 126745 - stored PASSWORD IS revealed using find in konqueror


Summary:	stored PASSWORD IS revealed using find in konqueror

Product:	konqueror
Component:	general
Status:	RESOLVED
Resolution:	FIXED
Target:	---

Version:	unspecified
Priority:	NOR
Severity:	grave

Votes:

Version Fixed In:

Description From Mohd Asif Ali Rizwaan 2006-05-04 17:40:17

Version:           3.5.2 (using KDE 3.5.2, Frugalware Linux)
Compiler:          Target: i686-pc-linux-gnu
OS:                Linux (i686) release 2.6.16-fw4

Find should not search through the password field. we can reveal a full password using a few searches.

example:

visit: http://mail.yahoo.com in the "password field" enter any value say 12345, which will be shown as ***** (5 stars)

press '/' or ctrl+f to search, enter 12345 or 123, and press f3 to search again, you can see that find dialog parses even the *password* fields, and shows *** highlighted. which can be easily used to create the whole password.

I think it should not read/parse the password field. Though it's not a big security issue like kwallet which reveals passwords in clear text and *always visible in the systray* for people to exploit.

------- Comment #1 From George Staikos 2006-05-04 17:48:38 -------

Find should not find into password widgets.

------- Comment #2 From Dirk Mueller 2006-05-04 18:37:42 -------

SVN commit 537375 by mueller:

don't allow to find text in password fields
BUG: 126745


 M  +5 -3      khtml_part.cpp  


--- branches/KDE/3.5/kdelibs/khtml/khtml_part.cpp #537374:537375
@@ -3160,7 +3160,8 @@
         else if ( renderLineText )
         {
           khtml::RenderLineEdit *parentLine= static_cast<khtml::RenderLineEdit *>(obj);
-          s = parentLine->widget()->text();
+          if (parentLine->widget()->echoMode() == QLineEdit::Normal)
+            s = parentLine->widget()->text();
           s = s.replace(0xa0, ' ');
         }
         else if ( obj->isText() )
@@ -3470,7 +3471,8 @@
 	    text += static_cast<HTMLTextAreaElementImpl*>(n.handle())->value().string();
 	    break;
 	  case ID_INPUT:
-	    text += static_cast<HTMLInputElementImpl*>(n.handle())->value().string();
+            if (static_cast<HTMLInputElementImpl*>(n.handle())->inputType() != HTMLInputElementImpl::PASSWORD)
+  	      text += static_cast<HTMLInputElementImpl*>(n.handle())->value().string();
 	    break;
 	  case ID_SELECT:
 	    text += static_cast<HTMLSelectElementImpl*>(n.handle())->value().string();
@@ -4477,7 +4479,7 @@
     }
 
     child->m_serviceType = mimetype;
-    if ( child->m_frame )
+    if ( child->m_frame  && part->widget() )
       child->m_frame->setWidget( part->widget() );
 
     if ( child->m_type != khtml::ChildFrame::Object )

Platform:	unspecified
OS:	Linux
Keywords:
URL:

People

Reporter:	Mohd Asif Ali Rizwaan
Assigned To:	Konqueror Developers
CC:

Related actions

View Bug Activity

Format For Printing

Clone This Bug

Search for Duplicates

Note

You need to log in before you can comment on or make changes to this bug.

Attachments
Add an attachment (proposed patch, testcase, etc.)

Depends on:
Blocks:
	Show dependency tree - Show dependency graph

Actions

Reports

My Account