#1150 \0 null character at the end of the password

v1.0_(example)
closed
Rony Shapiro
None
1
2014-03-07
2013-12-11
yshirman
No

Password in versions 0.91 and 0.92 of the linux program is stored with \0 null terminating character. This poses no problem on linux, but \0 is interpreted on android as a regular UTF-8 character, thus it is copied incorrectly. (Thanks to Jeff Harris for figuring out details; I'm posting the bug here following Rony's suggestion.)

The password of the attached sample file is test.

1 Attachments

Discussion

  • Rony Shapiro
    Rony Shapiro
    2013-12-15

    • status: open --> pending
    • assigned_to: Rony Shapiro
     
  • Rony Shapiro
    Rony Shapiro
    2013-12-15

    Fixed in commit 28ef33b.
    Let me know if you'd like a test build with this fix (if so, what platform are you using?).

     
  • yshirman
    yshirman
    2013-12-16

    Could you send me a test build?
    I'm using x86_64, if you had an rpm or srpm, this would be great.

     
    Last edit: yshirman 2013-12-16
  • yshirman
    yshirman
    2013-12-17

    I pathched source 0.92 rpm with changes in the commit 28ef33b and after rebuilding rpm it looks like everything works on android side now.

     
    Last edit: yshirman 2013-12-17
  • Rony Shapiro
    Rony Shapiro
    2013-12-17

    Cool. Thanks for the confirmation.

     
  • Ben Tullis
    Ben Tullis
    2013-12-30

    I too would appreciate either a test build or a new release of the Linux version, because I'm affected by this bug as well.
    Despite that, thanks for an excellent application.

     
    • Rony Shapiro
      Rony Shapiro
      2013-12-30

      Ben - on what platform are you running?

       
      • Ben Tullis
        Ben Tullis
        2013-12-30

         
        Last edit: Ben Tullis 2013-12-30
      • Ben Tullis
        Ben Tullis
        2013-12-30

        I'm running on Linux amd64.
        Debian Wheezy.
        Password Safe version 0.92 BETA is installed from the .deb package.

        It might be worth mentioning that this \0 character issue breaks compatibility with Password Gorilla (https://github.com/zdia/gorilla/wiki) as well. With this application I can load my .psafe3 file and remove the final character from each field, in order to 'repair' the database.

        Hope that helps. Let me know if you'd like any further information or examples.

         
  • Ben Tullis
    Ben Tullis
    2013-12-30

    Hi Rony,

    Thanks for that.
    The issue seems completely resolved in this version.

    I've tested by changing my database with this version, then opening it with both Password Gorilla on Linux and PasswdSafe on Android. The extra characters don't show up with either application, so it seems fixed.

    Now, if I can help at all with this bug, that would be great too. :-)

    Many thanks,
    Ben

     
  • Rony Shapiro
    Rony Shapiro
    2014-03-07

    • Status: pending --> closed