iphone-dataprotection
iphone-dataprotection copied to clipboard
Published
20 hours ago •
nabla-c0d3
nabla-c0d3
read_file() in backup4.py is reporting "Incorrect padding for file" because record.size is bogus.
What steps will reproduce the problem?
1. Restore "Library/Calendar/Calendar.sqlitedb" from HomeDomain in an encrypted
backup.
What is the expected output? What do you see instead?
I see:
WARNING: Incorrect padding for file Library/Calendar/Calendar.sqlitedb
And the restored file is correctly decrypted, but truncated.
Expected output is a non-truncated file.
This also occurs with the Library/SMS/sms.db file.
The phone is running iOS 6.1.4.
What version of the product are you using? On what operating system?
OS X version :
XCode version :
Tools revision : e51ae39e7f5b+ tip
Please provide any additional information below.
The encrypted file is valid with a padding of 16. The issue is that the code
in backup4.py is relying on the "record.size" instead of just checking for
PKCS5 padding. It appears that record.size can be incorrect in some cases,
probably an apple bug.
This recurs after wiping the backup directory and backing up again. (I did not
reboot the phone.)
If I change the code just do standard PKCS5 padding removal, it works, and I
get a valid file. For testing, I used the following code:
diff -r e51ae39e7f5b python_scripts/backups/backup4.py
--- a/python_scripts/backups/backup4.py Sun May 26 13:13:10 2013 +0200
+++ b/python_scripts/backups/backup4.py Wed Aug 14 19:34:51 2013 -0700
@@ -160,7 +160,14 @@
file_data = AESdecryptCBC(file_data, key)
padding = file_data[record.size:]
if len(padding) > 16 or padding != chr(len(padding)) * len(padding):
- warn("Incorrect padding for file %s" % record.path)
+ warn("Incorrect padding for file %s %d %d" % (record.path,
len(file_data),record.size))
+ c = file_data[-1]
+ i = ord(c)
+ if i < 17 and file_data.endswith(c*i):
+ warn("But good padding of %d anyway" % i)
+ file_data = file_data[:-i]
+
+ return file_data
file_data = file_data[:record.size]
return file_data
And got:
WARNING: Incorrect padding for file Library/Calendar/Calendar.sqlitedb 9441296
9424896
WARNING: But good padding of 16 anyway
WARNING: Incorrect padding for file Library/SMS/sms.db 1019920 1015808
WARNING: But good padding of 16 anyway
Original issue reported on code.google.com by [email protected] on 15 Aug 2013 at 2:41
This issue was updated by revision 4222556965e9.
Original comment by [email protected] on 18 Aug 2013 at 11:18
Thanks a lot for the great report and patch, just pushed it to the repo.
Original comment by [email protected] on 18 Aug 2013 at 11:19
- Changed state: Accepted