Snippets Groups Projects

Empty string password in store fails assertion

Empty string password apparently leads to assertion failure: https://forum.videolan.org/viewtopic.php?f=13&t=165343

While obviously not a good choice of a password, we have to handle it properly.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Child items 0

No child items are currently assigned. Use child items to break down this issue into smaller parts.

Activity

Rémi Denis-Courmont added Type::bug label 5 months ago

added Type::bug label
Thomas Guillem @tguillem · 5 months ago

Maintainer
It is not possible to store an entry with empty password via VLC.

But it is possible that another app does it.

What should we do ?

Enable store/find of empty password (and fixes checks)

Just check empty password when fetching entries and discard them.

Edited 5 months ago by Thomas Guillem
Rémi Denis-Courmont @Courmisch · 5 months ago

Author Maintainer

Empty passwords are legal at least in HTTP Basic, so we can't just decree that they aren't.

Please register or sign in to reply

Labels

None

Milestone

None

Due date

None

Confidentiality

Not confidential

0 Participants

VideoLAN code repository instance