Add repair functionality to strip invalid XML chars.

Refs #392

src/CMakeLists.txt

@@ -78,6 +78,7 @@ set(keepassx_SOURCES
     format/KeePass2.h
     format/KeePass2RandomStream.cpp
     format/KeePass2Reader.cpp
+    format/KeePass2Repair.cpp
     format/KeePass2Writer.cpp
     format/KeePass2XmlReader.cpp
     format/KeePass2XmlWriter.cpp
@@ -86,6 +87,7 @@ set(keepassx_SOURCES
     gui/ChangeMasterKeyWidget.cpp
     gui/Clipboard.cpp
     gui/DatabaseOpenWidget.cpp
+    gui/DatabaseRepairWidget.cpp
     gui/DatabaseSettingsWidget.cpp
     gui/DatabaseTabWidget.cpp
     gui/DatabaseWidget.cpp
@@ -180,6 +182,7 @@ set(keepassx_MOC
     gui/ChangeMasterKeyWidget.h
     gui/Clipboard.h
     gui/DatabaseOpenWidget.h
+    gui/DatabaseRepairWidget.h
     gui/DatabaseSettingsWidget.h
     gui/DatabaseTabWidget.h
     gui/DatabaseWidget.h

src/format/KeePass2Reader.cpp

@@ -43,7 +43,7 @@ KeePass2Reader::KeePass2Reader()
 {
 }
 
-Database* KeePass2Reader::readDatabase(QIODevice* device, const CompositeKey& key)
+Database* KeePass2Reader::readDatabase(QIODevice* device, const CompositeKey& key, bool keepDatabase)
 {
     QScopedPointer<Database> db(new Database());
     m_db = db.data();
@@ -178,7 +178,12 @@ Database* KeePass2Reader::readDatabase(QIODevice* device, const CompositeKey& ke
 
     if (xmlReader.hasError()) {
         raiseError(xmlReader.errorString());
-        return Q_NULLPTR;
+        if (keepDatabase) {
+            return db.take();
+        }
+        else {
+            return Q_NULLPTR;
+        }
     }
 
     Q_ASSERT(version < 0x00030001 || !xmlReader.headerHash().isEmpty());
@@ -232,6 +237,11 @@ QByteArray KeePass2Reader::xmlData()
     return m_xmlData;
 }
 
+QByteArray KeePass2Reader::streamKey()
+{
+    return m_protectedStreamKey;
+}
+
 void KeePass2Reader::raiseError(const QString& errorMessage)
 {
     m_error = true;

src/format/KeePass2Reader.h

@@ -31,12 +31,13 @@ class KeePass2Reader
 
 public:
     KeePass2Reader();
-    Database* readDatabase(QIODevice* device, const CompositeKey& key);
+    Database* readDatabase(QIODevice* device, const CompositeKey& key, bool keepDatabase = false);
     Database* readDatabase(const QString& filename, const CompositeKey& key);
     bool hasError();
     QString errorString();
     void setSaveXml(bool save);
     QByteArray xmlData();
+    QByteArray streamKey();
 
 private:
     void raiseError(const QString& errorMessage);

src/format/KeePass2Repair.cpp

@@ -0,0 +1,107 @@
+/*
+ *  Copyright (C) 2016 Felix Geyer <debfx@fobos.de>
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 2 or (at your option)
+ *  version 3 of the License.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "KeePass2Repair.h"
+
+#include <QBuffer>
+#include <QRegExp>
+
+#include "format/KeePass2RandomStream.h"
+#include "format/KeePass2Reader.h"
+#include "format/KeePass2XmlReader.h"
+
+KeePass2Repair::KeePass2Repair()
+    : m_db(Q_NULLPTR)
+{
+}
+
+KeePass2Repair::RepairResult KeePass2Repair::repairDatabase(QIODevice* device, const CompositeKey& key)
+{
+    m_db = Q_NULLPTR;
+    m_errorStr.clear();
+
+    KeePass2Reader reader;
+    reader.setSaveXml(true);
+
+    Database* db = reader.readDatabase(device, key, true);
+    if (!reader.hasError()) {
+        delete db;
+        return NothingTodo;
+    }
+
+    QByteArray xmlData = reader.xmlData();
+    if (!db || xmlData.isEmpty()) {
+        delete db;
+        m_errorStr = reader.errorString();
+        return UnableToOpen;
+    }
+
+    bool repairAction = false;
+
+    QString xmlStart = QString::fromLatin1(xmlData.constData(), qMin(100, xmlData.size()));
+    QRegExp encodingRegExp("encoding=\"([^\"]+)\"", Qt::CaseInsensitive, QRegExp::RegExp2);
+    if (encodingRegExp.indexIn(xmlStart) != -1) {
+        if (encodingRegExp.cap(1).compare("utf-8", Qt::CaseInsensitive) != 0
+                && encodingRegExp.cap(1).compare("utf8", Qt::CaseInsensitive) != 0)
+        {
+            // database is not utf-8 encoded, we don't support repairing that
+            delete db;
+            return RepairFailed;
+        }
+    }
+
+    // try to fix broken databases because of bug #392
+    for (int i = (xmlData.size() - 1); i >= 0; i--) {
+        char ch = xmlData.at(i);
+        if (ch < 0x20 && ch != 0x09 && ch != 0x0A && ch != 0x0D) {
+            xmlData.remove(i, 1);
+            repairAction = true;
+        }
+    }
+
+    if (!repairAction) {
+        // we were unable to find the problem
+        delete db;
+        return RepairFailed;
+    }
+
+    KeePass2RandomStream randomStream;
+    randomStream.init(reader.streamKey());
+    KeePass2XmlReader xmlReader;
+    QBuffer buffer(&xmlData);
+    buffer.open(QIODevice::ReadOnly);
+    xmlReader.readDatabase(&buffer, db, &randomStream);
+
+    if (xmlReader.hasError()) {
+        delete db;
+        return RepairFailed;
+    }
+    else {
+        m_db = db;
+        return RepairSuccess;
+    }
+}
+
+Database* KeePass2Repair::database() const
+{
+    return m_db;
+}
+
+QString KeePass2Repair::errorString() const
+{
+    return m_errorStr;
+}

src/format/KeePass2Repair.h

@@ -0,0 +1,50 @@
+/*
+ *  Copyright (C) 2016 Felix Geyer <debfx@fobos.de>
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 2 or (at your option)
+ *  version 3 of the License.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef KEEPASSX_KEEPASS2REPAIR_H
+#define KEEPASSX_KEEPASS2REPAIR_H
+
+#include <QCoreApplication>
+#include <QIODevice>
+
+#include "core/Database.h"
+#include "keys/CompositeKey.h"
+
+class KeePass2Repair
+{
+    Q_DECLARE_TR_FUNCTIONS(KeePass2Repair)
+
+public:
+    enum RepairResult
+    {
+        NothingTodo,
+        UnableToOpen,
+        RepairSuccess,
+        RepairFailed
+    };
+
+    KeePass2Repair();
+    RepairResult repairDatabase(QIODevice* device, const CompositeKey& key);
+    Database* database() const;
+    QString errorString() const;
+
+private:
+    Database* m_db;
+    QString m_errorStr;
+};
+
+#endif // KEEPASSX_KEEPASS2REPAIR_H

src/gui/DatabaseRepairWidget.cpp

@@ -0,0 +1,103 @@
+/*
+ *  Copyright (C) 2016 Felix Geyer <debfx@fobos.de>
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 2 or (at your option)
+ *  version 3 of the License.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "DatabaseRepairWidget.h"
+
+#include <QFile>
+#include <QFileInfo>
+
+#include "ui_DatabaseOpenWidget.h"
+#include "core/Database.h"
+#include "core/Metadata.h"
+#include "format/KeePass2Repair.h"
+#include "gui/MessageBox.h"
+#include "keys/FileKey.h"
+#include "keys/PasswordKey.h"
+
+DatabaseRepairWidget::DatabaseRepairWidget(QWidget* parent)
+    : DatabaseOpenWidget(parent)
+{
+    m_ui->labelHeadline->setText(tr("Repair database"));
+
+    connect(this, SIGNAL(editFinished(bool)), this, SLOT(processEditFinished(bool)));
+}
+
+void DatabaseRepairWidget::openDatabase()
+{
+    CompositeKey masterKey;
+
+    if (m_ui->checkPassword->isChecked()) {
+        masterKey.addKey(PasswordKey(m_ui->editPassword->text()));
+    }
+
+    if (m_ui->checkKeyFile->isChecked()) {
+        FileKey key;
+        QString keyFilename = m_ui->comboKeyFile->currentText();
+        QString errorMsg;
+        if (!key.load(keyFilename, &errorMsg)) {
+            MessageBox::warning(this, tr("Error"), tr("Can't open key file").append(":\n").append(errorMsg));
+            Q_EMIT editFinished(false);
+        }
+        masterKey.addKey(key);
+    }
+
+    KeePass2Repair repair;
+
+    QFile file(m_filename);
+    if (!file.open(QIODevice::ReadOnly)) {
+        // TODO: error message
+        Q_EMIT editFinished(false);
+        return;
+    }
+    if (m_db) {
+        delete m_db;
+    }
+    QApplication::setOverrideCursor(QCursor(Qt::WaitCursor));
+    KeePass2Repair::RepairResult repairResult = repair.repairDatabase(&file, masterKey);
+    QApplication::restoreOverrideCursor();
+
+    switch (repairResult) {
+    case KeePass2Repair::NothingTodo:
+        MessageBox::information(this, tr("Error"), tr("Database opened fine. Nothing to do."));
+        Q_EMIT editFinished(false);
+        return;
+    case KeePass2Repair::UnableToOpen:
+        MessageBox::warning(this, tr("Error"), tr("Unable to open the database.").append("\n")
+                            .append(repair.errorString()));
+        Q_EMIT editFinished(false);
+        return;
+    case KeePass2Repair::RepairSuccess:
+        m_db = repair.database();
+        MessageBox::warning(this, tr("Success"), tr("The database has been successfully repaired\nYou can now save it."));
+        Q_EMIT editFinished(true);
+        return;
+    case KeePass2Repair::RepairFailed:
+        MessageBox::warning(this, tr("Error"), tr("Unable to repair the database."));
+        Q_EMIT editFinished(false);
+        return;
+    }
+}
+
+void DatabaseRepairWidget::processEditFinished(bool result)
+{
+    if (result) {
+        Q_EMIT success();
+    }
+    else {
+        Q_EMIT error();
+    }
+}

src/gui/DatabaseRepairWidget.h

@@ -0,0 +1,41 @@
+/*
+ *  Copyright (C) 2016 Felix Geyer <debfx@fobos.de>
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 2 or (at your option)
+ *  version 3 of the License.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef KEEPASSX_DATABASEREPAIRWIDGET_H
+#define KEEPASSX_DATABASEREPAIRWIDGET_H
+
+#include "gui/DatabaseOpenWidget.h"
+
+class DatabaseRepairWidget : public DatabaseOpenWidget
+{
+    Q_OBJECT
+
+public:
+    explicit DatabaseRepairWidget(QWidget* parent = Q_NULLPTR);
+
+Q_SIGNALS:
+    void success();
+    void error();
+
+protected:
+    void openDatabase() Q_DECL_OVERRIDE;
+
+private Q_SLOTS:
+    void processEditFinished(bool result);
+};
+
+#endif // KEEPASSX_DATABASEREPAIRWIDGET_H

src/gui/MainWindow.cpp

@@ -27,8 +27,12 @@
 #include "core/FilePath.h"
 #include "core/InactivityTimer.h"
 #include "core/Metadata.h"
+#include "format/KeePass2Writer.h"
 #include "gui/AboutDialog.h"
 #include "gui/DatabaseWidget.h"
+#include "gui/DatabaseRepairWidget.h"
+#include "gui/FileDialog.h"
+#include "gui/MessageBox.h"
 
 const QString MainWindow::BaseWindowTitle = "KeePassX";
 
@@ -163,6 +167,8 @@ MainWindow::MainWindow()
             SLOT(changeDatabaseSettings()));
     connect(m_ui->actionImportKeePass1, SIGNAL(triggered()), m_ui->tabWidget,
             SLOT(importKeePass1Database()));
+    connect(m_ui->actionRepairDatabase, SIGNAL(triggered()), this,
+            SLOT(repairDatabase()));
     connect(m_ui->actionExportCsv, SIGNAL(triggered()), m_ui->tabWidget,
             SLOT(exportToCsv()));
     connect(m_ui->actionLockDatabases, SIGNAL(triggered()), m_ui->tabWidget,
@@ -366,6 +372,7 @@ void MainWindow::setMenuActionState(DatabaseWidget::Mode mode)
     m_ui->actionDatabaseOpen->setEnabled(inDatabaseTabWidgetOrWelcomeWidget);
     m_ui->menuRecentDatabases->setEnabled(inDatabaseTabWidgetOrWelcomeWidget);
     m_ui->actionImportKeePass1->setEnabled(inDatabaseTabWidgetOrWelcomeWidget);
+    m_ui->actionRepairDatabase->setEnabled(inDatabaseTabWidgetOrWelcomeWidget);
 
     m_ui->actionLockDatabases->setEnabled(m_ui->tabWidget->hasLockableDatabases());
 }
@@ -598,6 +605,36 @@ void MainWindow::lockDatabasesAfterInactivity()
     m_ui->tabWidget->lockDatabases();
 }
 
+void MainWindow::repairDatabase()
+{
+    QString filter = QString("%1 (*.kdbx);;%2 (*)").arg(tr("KeePass 2 Database"), tr("All files"));
+    QString fileName = fileDialog()->getOpenFileName(this, tr("Open database"), QString(),
+                                                     filter);
+    if (fileName.isEmpty()) {
+        return;
+    }
+
+    QScopedPointer<QDialog> dialog(new QDialog(this));
+    DatabaseRepairWidget* dbRepairWidget = new DatabaseRepairWidget(dialog.data());
+    connect(dbRepairWidget, SIGNAL(success()), dialog.data(), SLOT(accept()));
+    connect(dbRepairWidget, SIGNAL(error()), dialog.data(), SLOT(reject()));
+    dbRepairWidget->load(fileName);
+    if (dialog->exec() == QDialog::Accepted && dbRepairWidget->database()) {
+        QString saveFileName = fileDialog()->getSaveFileName(this, tr("Save repaired database"), QString(),
+                                                             tr("KeePass 2 Database").append(" (*.kdbx)"),
+                                                             Q_NULLPTR, 0, "kdbx");
+
+        if (!saveFileName.isEmpty()) {
+            KeePass2Writer writer;
+            writer.writeDatabase(saveFileName, dbRepairWidget->database());
+            if (writer.hasError()) {
+                MessageBox::critical(this, tr("Error"), tr("Writing the database failed.") + "\n\n"
+                                     + writer.errorString());
+            }
+        }
+    }
+}
+
 bool MainWindow::isTrayIconEnabled() const
 {
 #ifdef Q_OS_MAC

src/gui/MainWindow.h

@@ -66,6 +66,7 @@ private Q_SLOTS:
     void trayIconTriggered(QSystemTrayIcon::ActivationReason reason);
     void toggleWindow();
     void lockDatabasesAfterInactivity();
+    void repairDatabase();
 
 private:
     static void setShortcut(QAction* action, QKeySequence::StandardKey standard, int fallback = 0);

src/gui/MainWindow.ui

@@ -121,6 +121,7 @@
     <addaction name="separator"/>
     <addaction name="actionImportKeePass1"/>
     <addaction name="actionExportCsv"/>
+    <addaction name="actionRepairDatabase"/>
     <addaction name="separator"/>
     <addaction name="actionQuit"/>
    </widget>
@@ -422,6 +423,11 @@
     <string>Export to CSV file</string>
    </property>
   </action>
+  <action name="actionRepairDatabase">
+   <property name="text">
+    <string>Repair database</string>
+   </property>
+  </action>
  </widget>
  <customwidgets>
   <customwidget>

tests/TestKeePass2Writer.cpp

@@ -20,6 +20,7 @@
 #include <QBuffer>
 #include <QTest>
 
+#include "config-keepassx-tests.h"
 #include "tests.h"
 #include "FailDevice.h"
 #include "core/Database.h"
@@ -27,6 +28,7 @@
 #include "core/Metadata.h"
 #include "crypto/Crypto.h"
 #include "format/KeePass2Reader.h"
+#include "format/KeePass2Repair.h"
 #include "format/KeePass2Writer.h"
 #include "format/KeePass2XmlWriter.h"
 #include "keys/PasswordKey.h"
@@ -127,6 +129,34 @@ void TestKeePass2Writer::testDeviceFailure()
     delete db;
 }
 
+void TestKeePass2Writer::testRepair()
+{
+    QString brokenDbFilename = QString(KEEPASSX_TEST_DATA_DIR).append("/bug392.kdbx");
+    // master password = test
+    // entry username: testuser\x10
+    // entry password: testpw
+    CompositeKey key;
+    key.addKey(PasswordKey("test"));
+
+    // test that we can't open the broken database
+    KeePass2Reader reader;
+    Database* dbBroken = reader.readDatabase(brokenDbFilename, key);
+    QVERIFY(!dbBroken);
+    QVERIFY(reader.hasError());
+
+    // test if we can repair the database
+    KeePass2Repair repair;
+    QFile file(brokenDbFilename);
+    file.open(QIODevice::ReadOnly);
+    QCOMPARE(repair.repairDatabase(&file, key), KeePass2Repair::RepairSuccess);
+    Database* dbRepaired = repair.database();
+    QVERIFY(dbRepaired);
+
+    QCOMPARE(dbRepaired->rootGroup()->entries().size(), 1);
+    QCOMPARE(dbRepaired->rootGroup()->entries().at(0)->username(), QString("testuser"));
+    QCOMPARE(dbRepaired->rootGroup()->entries().at(0)->password(), QString("testpw"));
+}
+
 void TestKeePass2Writer::cleanupTestCase()
 {
     delete m_dbOrg;

tests/TestKeePass2Writer.h

@@ -33,6 +33,7 @@ private Q_SLOTS:
     void testAttachments();
     void testNonAsciiPasswords();
     void testDeviceFailure();
+    void testRepair();
     void cleanupTestCase();
 
 private: