SegFault after unlocking gnome-keyring to autofill password in Linux

[SteVwonder]

• Wavebox Version:4.5.9
• Operating System & Version: RHEL7 & Ubuntu
• (Linux only) Install method: Yum Repo (for RHEL) and apt repo (for Ubuntu)
• Account type (if applicable): confirmed on icloud and kanbanflow.com (but i assume it happens on others too)

Expected & actual behavior
Expected: right-click password field, unlock keyring, select password, password gets autofilled
Acutal: right-click password field, unlock keyring, segfault, re-launch wavebox, right-click field, password is autofilled (since the keyring was already unlocked)

Steps to reproduce
If you already have your keyring unlocked, kill gnome-keyring-daemon (pkill gnome-keyring-daemon) and re-launch the keyring daemon (/usr/bin/gnome-keyring-daemon -d).

Launch wavebox, go to a login page for a site that you already have a password saved for, right-click the password field, unlock the keyring via the gnome pop-up prompt, segfault.

Is the bug persistent or intermittent?
Persistent

Additional information
Interestingly enough, if you right-click on a site without a saved password, then the right-click menu appears and you can add the password and unlock the keyring without a crash. I only experience the crash when attempting to auto-fill the password for a site that already has a password saved.

On both machines, I am running with i3 window manager not the Gnome window manager, so the keyring is not automatically unlocked on login.

Running with logging on doesn't seem to provide much insight:

[14225:0103/215714.414433:VERBOSE1:ThreadState.cpp(1307)] [state:0x5b09200] CollectGarbage: time: 2.6ms stack: NoHeapPointersOnStack type: GCWithoutSweep reason: IdleGC
[14225:0103/215714.458937:VERBOSE1:ThreadState.cpp(974)] [state:0x5b09200] PostSweep: collection_rate: 0.3%
[14163:0103/215715.153281:VERBOSE1:network_delegate.cc(30)] NetworkDelegate::NotifyBeforeURLRequest: https://feedbackws.icloud.com/reportStats
Failed to get crash dump id.
Report Id: 
[1]    14163 segmentation fault (core dumped)  /opt/wavebox/Wavebox --enable-logging --v=1

But the gdb backtrace from the coredump seems to be more helpful:

#0  strlen () at ../sysdeps/x86_64/strlen.S:106
#1  0x00007f4fb9f7e47e in __GI___strdup (s=0x0) at strdup.c:41
#2  0x00007f4fada5e3b2 in keytar::FindCredentials(std::string const&, std::vector<std::pair<std::string, std::string>, std::allocator<std::pair<st
d::string, std::string> > >*, std::string*) () from /tmp/.org.chromium.Chromium.fwabMJ
#3  0x00007f4fada5c806 in FindCredentialsWorker::Execute() () from /tmp/.org.chromium.Chromium.fwabMJ
#4  0x00007f4fc1a494ee in ?? () from /opt/wavebox/libnode.so
#5  0x00007f4fc04cb6ba in start_thread (arg=0x7f4f8a23c700) at pthread_create.c:333
#6  0x00007f4fb9ffa41d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109

Based on that backtrace, I am guessing this keytar.FindCredential call is somehow involved in the crash.

[SteVwonder]

If I login and use the GNOME window manager, manually re-lock the login keyring via the Passwords and Keys gui app, and then attempt to autofill the password, everything works just fine. I am prompted for my password to unlock the keyring, I unlock it, and wavebox autofills the password. So I suspect running i3 as my window manager is also playing some critical part in this.

[Thomas101]

Thanks for the in-depth report! I'm seeing the same here. I'll see if I can figure out what's going on in the node-keytar library to cause this