Query libsecret password after matching attributes against login form

Call secret_item_load_secret_sync only after matching the attributes of the secret item against the requested login form. This does not only improve the security as we don't query all available passwords, but also reduces the number of required dbus calls. The current code, for example, queried all passwords, even if none of the entries matched. R=dvadym@chromium.org Bug: 859305 Change-Id: I5e0432942d71d86fc9b06b86318b123614ab1be1 Reviewed-on: https://chromium-review.googlesource.com/1137816Reviewed-by: Vadym Doroshenko <dvadym@chromium.org> Commit-Queue: Vadym Doroshenko <dvadym@chromium.org> Cr-Commit-Position: refs/heads/master@{#575218}

Query libsecret password after matching attributes against login form
Call secret_item_load_secret_sync only after matching the attributes of the secret item against the requested login form. This does not only improve the security as we don't query all available passwords, but also reduces the number of required dbus calls. The current code, for example, queried all passwords, even if none of the entries matched. R=dvadym@chromium.org Bug: 859305 Change-Id: I5e0432942d71d86fc9b06b86318b123614ab1be1 Reviewed-on: https://chromium-review.googlesource.com/1137816Reviewed-by: Vadym Doroshenko <dvadym@chromium.org> Commit-Queue: Vadym Doroshenko <dvadym@chromium.org> Cr-Commit-Position: refs/heads/master@{#575218}
6eab4baf · Michael Müller · Commit Bot · a245b973 · 6eab4baf
Commit 6eab4baf authored Jul 16, 2018 by Michael Müller Committed by Commit Bot Jul 16, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 7 deletions

chrome/browser/password_manager/native_backend_libsecret.cc chrome/browser/password_manager/native_backend_libsecret.cc +8 -7

No files found.
--- a/chrome/browser/password_manager/native_backend_libsecret.cc
+++ b/chrome/browser/password_manager/native_backend_libsecret.cc
@@ -491,13 +491,6 @@ NativeBackendLibsecret::ConvertFormList(
  for (GList* element = g_list_first(found); element != nullptr;
       element = g_list_next(element)) {
    SecretItem* secretItem = static_cast<SecretItem*>(element->data);
-    LibsecretLoader::secret_item_load_secret_sync(secretItem, nullptr, &error);
-    if (error) {
-      LOG(ERROR) << "Unable to load secret item" << error->message;
-      g_error_free(error);
-      error = nullptr;
-      continue;
-    }
    GHashTable* attrs = LibsecretLoader::secret_item_get_attributes(secretItem);
    std::unique_ptr<PasswordForm> form(FormOutOfAttributes(attrs));
    g_hash_table_unref(attrs);
@@ -526,6 +519,14 @@ NativeBackendLibsecret::ConvertFormList(
      }
    }

+    LibsecretLoader::secret_item_load_secret_sync(secretItem, nullptr, &error);
+    if (error) {
+      LOG(ERROR) << "Unable to load secret item" << error->message;
+      g_error_free(error);
+      error = nullptr;
+      continue;
+    }
+
    SecretValue* secretValue =
        LibsecretLoader::secret_item_get_secret(secretItem);
    if (secretValue) {