zalando / go-keyring

Cross-platform keyring interface for Go
MIT License
811 stars, 82 forks

[Windows] naive (incorrect) conversion of byte slice to Go string #101

Open JackMordaunt opened 5 months ago

JackMordaunt commented 5 months ago

First, thanks for this package!

There is a bug on Windows.

This line converts a byte slice to a Go string. This is fine if the byte slice is utf8, however ~Windows likes to store strings as utf16~ it seems like the content of this blob is application defined. Nonetheless when the content is utf16, the result of the cast is an invalid Go string.

The fix would be to validate the byte slice and convert it to utf8 prior to casting it into a Go string.

Edit: I've looked into this somewhat and have realized there's no easy way to do this conversion in general, without knowing the encoding ahead of time.
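As an added illustration of the validate-then-convert approach described above (this is example code written for this page, not JackMordaunt's proposal or go-keyring's own implementation): a decoder that never performs the bare `string(b)` cast on an unknown blob. It accepts well-formed UTF-8, recognises UTF-16LE either by a byte order mark or by the NUL-high-byte pattern of Latin-range text, and otherwise returns an error instead of an invalid Go string. The UTF-16 detection is a heuristic, exactly as the edit above warns: a blob whose encoding is unknown cannot be decoded with certainty, so a caller that does know the encoding should pass that knowledge in rather than rely on the guess. The function and error names are assumptions made for this example.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"unicode/utf16"
	"unicode/utf8"
)

// ErrUndecodable is returned when a blob is neither valid UTF-8 nor a
// recognisable UTF-16LE encoding. (Name chosen for this example.)
var ErrUndecodable = errors.New("credential blob is neither valid UTF-8 nor recognisable UTF-16LE")

// DecodeCredentialBlob converts raw bytes read from a credential store into a
// Go string, validating the encoding instead of casting blindly.
func DecodeCredentialBlob(b []byte) (string, error) {
	// 1. Explicit UTF-16LE byte order mark (FF FE): decode the remainder.
	if len(b) >= 2 && b[0] == 0xFF && b[1] == 0xFE {
		return decodeUTF16LE(b[2:])
	}
	// 2. UTF-16LE of Latin-range text is also *valid* UTF-8 (its high bytes are
	//    NUL), so this check must run before the UTF-8 check; otherwise the cast
	//    silently yields a string full of embedded NULs.
	if looksLikeUTF16LE(b) {
		return decodeUTF16LE(b)
	}
	// 3. Well-formed UTF-8 with no embedded NULs: the cast is safe here.
	if utf8.Valid(b) && bytes.IndexByte(b, 0) < 0 {
		return string(b), nil
	}
	// 4. Anything else: refuse rather than guess. A UTF-16LE blob of non-Latin
	//    text lands here too; decoding it needs the encoding to be known.
	return "", ErrUndecodable
}

// looksLikeUTF16LE reports whether every 16-bit unit has a zero high byte and a
// non-zero low byte, the signature of UTF-16LE text in the Latin-1 range.
func looksLikeUTF16LE(b []byte) bool {
	if len(b) < 2 || len(b)%2 != 0 {
		return false
	}
	// Tolerate a trailing UTF-16 NUL terminator (00 00) that some writers add.
	if b[len(b)-2] == 0 && b[len(b)-1] == 0 {
		b = b[:len(b)-2]
	}
	for i := 0; i+1 < len(b); i += 2 {
		if b[i] == 0 || b[i+1] != 0 {
			return false
		}
	}
	return true
}

// decodeUTF16LE decodes little-endian UTF-16 code units, drops one trailing NUL
// terminator, and rejects input containing unpaired surrogates.
func decodeUTF16LE(b []byte) (string, error) {
	if len(b)%2 != 0 {
		return "", ErrUndecodable
	}
	units := make([]uint16, 0, len(b)/2)
	for i := 0; i+1 < len(b); i += 2 {
		units = append(units, uint16(b[i])|uint16(b[i+1])<<8)
	}
	if n := len(units); n > 0 && units[n-1] == 0 {
		units = units[:n-1]
	}
	runes := utf16.Decode(units)
	for _, r := range runes {
		// utf16.Decode substitutes U+FFFD for unpaired surrogates; treat that
		// as malformed input (a genuine U+FFFD in the secret is also rejected).
		if r == utf8.RuneError {
			return "", ErrUndecodable
		}
	}
	return string(runes), nil
}

func main() {
	// Constructed sample blobs: plain UTF-8, UTF-16LE with BOM, UTF-16LE
	// without BOM but NUL-terminated, and a truncated multi-byte sequence.
	samples := [][]byte{
		[]byte("hunter2"),
		{0xFF, 0xFE, 'h', 0, 'i', 0},
		{'o', 0, 'k', 0, 0, 0},
		{0xC3},
	}
	for _, blob := range samples {
		s, err := DecodeCredentialBlob(blob)
		fmt.Printf("%x -> %q, err=%v\n", blob, s, err)
	}
}
```

Step 4 is the deliberate conservative choice: returning an error surfaces a mis-encoded secret to the caller, whereas the naive cast hands back bytes that fail `utf8.ValidString` and may be compared or transmitted as if they were text.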

szuecs commented 5 months ago

Thanks for the issue! Do you want to create a pr to fix it?

mikkeloscar commented 5 months ago

@JackMordaunt How do you create those secrets that are wrongly encoded from go-keyring perspective? are they created via go-keyring or in another way?

JackMordaunt commented 5 months ago

> @JackMordaunt How do you create those secrets that are wrongly encoded from go-keyring perspective? are they created via go-keyring or in another way?

I'm not sure how this came about, as it was reported by someone else without a reproducer.

I suspect it was a third-party application that they used to write the initial value (perhaps Windows Credential Manager writes utf16 under certain configurations?)