Description
The function DoorLockServer::modifyCredentialForUser() does not check the credential type when searching for the existing credential in the list of user credentials. This can lead to credentials being easily overwritten in the user's list depending on the order they were added to the user.
Reproduction steps
1. ./chip-tool doorlock set-user 0 1 "test" 123 1 0 0 <destination-id> <endpoint-id> --timedInteractionTimeoutMs <ms_value>
2. ./chip-tool doorlock set-credential 0 '{ "credentialType": 2, "credentialIndex": 1 }' <CredentialData> 1 null null <destination-id> <endpoint-id> --timedInteractionTimeoutMs <ms_value>
3. ./chip-tool doorlock set-credential 0 '{ "credentialType": 1, "credentialIndex": 1 }' "1234" 1 null null <destination-id> <endpoint-id> --timedInteractionTimeoutMs <ms_value>
4. ./chip-tool doorlock get-user 1 <destination-id> <endpoint-id>
5. ./chip-tool doorlock set-credential 2 '{ "credentialType": 1, "credentialIndex": 1 }' "5678" 1 null null <destination-id> <endpoint-id> --timedInteractionTimeoutMs <ms_value>
6. ./chip-tool doorlock get-user 1 <destination-id> <endpoint-id>
Output of Get User at Step 4
GetUserResponse: {
userIndex: 1
userName: test
userUniqueID: 123
userStatus: 1
userType: 0
credentialRule: 0
credentials: 1 entries
[1]: {
CredentialType: 2
CredentialIndex: 1
}
[2]: {
CredentialType: 1
CredentialIndex: 1
}
}
creatorFabricIndex: 1
lastModifiedFabricIndex: 1
nextUserIndex: null
}
Output of Get User at Step 6
GetUserResponse: {
userIndex: 1
userName: test
userUniqueID: 123
userStatus: 1
userType: 0
credentialRule: 0
credentials: 1 entries
[1]: {
CredentialType: 1
CredentialIndex: 1
}
[2]: {
CredentialType: 1
CredentialIndex: 1
}
}
creatorFabricIndex: 1
lastModifiedFabricIndex: 1
nextUserIndex: null
}
Potential Fix
Add a check for the credential type to DoorLockServer::modifyCredentialForUser() alongside the credential index check.
Bug prevalence
100% reproducible
GitHub hash of the SDK that was being used
main
Platform
core
Platform Version(s)
No response
Anything else?
No response
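An added example (not part of the original issue and not the SDK's code) that models the lookup described above: a simplified credential list, an index-only match, and the type-and-index match the Potential Fix proposes. `CredentialRef`, the two modify functions and the sample state are hypothetical names constructed for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

struct CredentialRef {
    uint8_t type;   // 1 = PIN, 2 = RFID, as used in the reproduction steps
    uint16_t index;
};
using CredentialList = std::vector<CredentialRef>;

// Index-only match, the behaviour the issue describes: the first entry with
// the same index is treated as "the" credential, whatever its type.
bool modifyIndexOnly(CredentialList & creds, CredentialRef target)
{
    for (auto & c : creds)
        if (c.index == target.index) { c = target; return true; }
    return false;
}

// Proposed fix: an entry is the same credential only if type AND index match.
bool modifyTypeAndIndex(CredentialList & creds, CredentialRef target)
{
    for (auto & c : creds)
        if (c.type == target.type && c.index == target.index) { c = target; return true; }
    return false;
}

// Constructed state after step 3: RFID #1 was added first, then PIN #1.
CredentialList stateAfterStep3() { return { { 2, 1 }, { 1, 1 } }; }

// Replays step 5 (modify PIN #1) and reports whether RFID #1 is still listed.
bool rfidSurvivesModify(bool (*modify)(CredentialList &, CredentialRef))
{
    CredentialList creds = stateAfterStep3();
    modify(creds, CredentialRef{ 1, 1 });
    for (const auto & c : creds)
        if (c.type == 2 && c.index == 1) return true;
    return false;
}

int main()
{
    std::printf("index-only:   RFID #1 kept = %d\n", rfidSurvivesModify(modifyIndexOnly));
    std::printf("type + index: RFID #1 kept = %d\n", rfidSurvivesModify(modifyTypeAndIndex));
    return 0;
}
```

With the index-only match the list ends up with two type 1, index 1 entries, the same shape as the Get User output at Step 6; a regression test for the fix can assert that the type 2 entry is still present after the modify.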