Open ulfgebhardt opened 5 years ago
Thanks for reporting. Specifying the platform and adding a repro would be nice. I will not have time to look into this though. Thanks.
@vonovak Done - consider testing it out - its a simple while loop you have to put into your Write-KeyChain-Code
is it fixed in the latest version?
I still have the same problem and also with the latest library versions the problem still exists.
Has somebody else an idea howto solve it instead splitting the reading and writing?
I guess it is also the same as https://github.com/oblador/react-native-keychain/issues/208 (?)
Just ran into this on Android 7.
Hey Guys,
I just across the same issue, even in the version 7.0.0. I'm using RSA as the crypto option for android, without which a biometric prompt isn't displayed. But I'm getting string size error. Thanks @ulfgebhardt for the solution to such a complex problem.
I was wondering, can we compress our string token and then pass it as a token to setGenericPassword
and then decompress that token when it is returned from getGenericPassword
? Is that possible and advisable?
Bugreport
Writing more then 65kb results in corrupted data
reading the corrupt data results in
Unexpected token [...] in JSON at position 65536
Data written
Data read
The Code
Writing 30k Integers into the buffer
More Context
The Error
The Version
"react-native-keychain": "^3.0.0-rc.3"
The Device
A real Android 6.0 Device using react-native debug mode(maybe this causes trouble?)
The Current Solution
Split up the data into buckets, have another key which indexes the buckets.
This reduces speed, since there are more read/write Operations.
Assume:
Results in
ceil(n/b) + 1
read/write operationsNote: since its not easy to determine the size of an Object in byte, you have to select a size for the buckets which you consider save not to surpass 65kb.
The Current Solution's Code
Sorry for that mess, cleanup is not yet done - ping me here for a followup ;-)
Furthermore
Since the corruption in the data seem to be random bytes (changing values), I consider it likely that this is a bufferoverflow?!
And yes - this library is made to contain credentials not data - I know that we abuse its scope ;-)
(Possibly) Related
https://github.com/oblador/react-native-keychain/issues/120 https://github.com/oblador/react-native-keychain/issues/174 https://github.com/oblador/react-native-keychain/issues/208