From 7d6dec64138550643ee57c5a5341fa5c758c7f6f Mon Sep 17 00:00:00 2001 From: Mathijs van Veluw Date: Fri, 20 Sep 2024 20:38:42 +0200 Subject: [PATCH] Fix encrypted lastUsedDate (#4972) It appears that some password histories have an encrypted value on the `lastUsedDate` Instead of only checking if it is a string, also check if it is a valid RFC Date/Time String. If not, set it also to epoch 0. Signed-off-by: BlackDex --- src/db/models/cipher.rs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/db/models/cipher.rs b/src/db/models/cipher.rs index d0a95d3c..a445e5c5 100644 --- a/src/db/models/cipher.rs +++ b/src/db/models/cipher.rs @@ -1,6 +1,6 @@ use crate::util::LowerCase; use crate::CONFIG; -use chrono::{NaiveDateTime, TimeDelta, Utc}; +use chrono::{DateTime, NaiveDateTime, TimeDelta, Utc}; use serde_json::Value; use super::{ @@ -190,14 +190,14 @@ impl Cipher { .map(|d| { // Check every password history item if they are valid and return it. // If a password field has the type `null` skip it, it breaks newer Bitwarden clients - // A second check is done to verify the lastUsedDate exists and is a string, if not the epoch start time will be used + // A second check is done to verify the lastUsedDate exists and is a valid DateTime string, if not the epoch start time will be used d.into_iter() .filter_map(|d| match d.data.get("password") { Some(p) if p.is_string() => Some(d.data), _ => None, }) - .map(|d| match d.get("lastUsedDate") { - Some(l) if l.is_string() => d, + .map(|d| match d.get("lastUsedDate").and_then(|l| l.as_str()) { + Some(l) if DateTime::parse_from_rfc3339(l).is_ok() => d, _ => { let mut d = d; d["lastUsedDate"] = json!("1970-01-01T00:00:00.000Z");