[Forensics-changes] [fcrackzip] 49/93: debian/patches/30-password-escape.patch: new

[Giovani Augusto Ferreira]

This is an automated email from the git hooks/post-receive script.

giovani-guest pushed a commit to branch debian
in repository fcrackzip.

commit 25b99e7d3102f9f525323360835dc256f7430eed
Author: Jari Aalto <jari.aalto at cante.net>
Date:   Mon Oct 25 17:00:24 2010 +0300

    debian/patches/30-password-escape.patch: new
---
 debian/patches/30-password-escape.patch | 134 ++++++++++++++++++++++++++++++++
 1 file changed, 134 insertions(+)

diff --git a/debian/patches/30-password-escape.patch b/debian/patches/30-password-escape.patch
new file mode 100644
index 0000000..7a3b0c2
--- /dev/null
+++ b/debian/patches/30-password-escape.patch
@@ -0,0 +1,134 @@
+From 807f78d2c25cb16cf458cb1a35f0d7a3d9dce22b Mon Sep 17 00:00:00 2001
+From: Jari Aalto <jari.aalto at cante.net>
+Date: Mon, 25 Oct 2010 16:59:44 +0300
+Subject: [PATCH] Fix passwords for: Syntax error Unterminated quoted string by https://launchpad.net/~rcornerin LP#350640
+Organization: Private
+Content-Type: text/plain; charset="utf-8"
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Jari Aalto <jari.aalto at cante.net>
+---
+ main.c |  101 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
+ 1 files changed, 100 insertions(+), 1 deletions(-)
+
+diff --git a/main.c b/main.c
+index f632241..d18c482 100644
+--- a/main.c
++++ b/main.c
+@@ -44,13 +44,112 @@ static int modul = 1;
+ 
+ static FILE *dict_file;
+ 
++char *
++path_for_shell (char *dest, const char *str)
++{
++  /* backslash shell special charatcers */
++
++  char ch, *p = dest;
++  size_t len = strlen(str);
++  int i;
++
++  for (i = 0; i < len; i++)
++  {
++    ch = str[i];
++
++    switch (ch)
++    {
++    /* ASCII table order */
++    case 0x20: /* space */
++    case '!':
++    case '"':
++    case '#':
++    case '$':
++    case '&':
++    case 0x27: /* single quote */
++    case '(':
++    case ')':
++    case '*':
++    case '+':
++    case 0x2C: /* comma */
++    case ':':
++    case ';':
++    case '<':
++    case '>':
++    case '?':
++    case '[':
++    case '\\':
++    case ']':
++    case '^':
++    case '`':
++    case '{':
++    case '|':
++    case '}':
++    case '~':
++      /* backslash special characters */
++      *p++ = '\\';
++      *p++ = ch;
++      break;
++    default:
++      *p++ = ch;
++    }
++  }
++
++  /* terminate string */
++  *p = '\0';
++
++  return dest;
++}
++
++char *
++escape_pw (char *dest, const char *str)
++{
++  /* backslash shell special charatcers */
++
++  char ch, *p = dest;
++  size_t len = strlen(str);
++  int i;
++
++  for (i = 0; i < len; i++)
++  {
++    ch = str[i];
++
++    switch (ch)
++    {
++    /* ASCII table order */
++    case '"':
++    case '$':
++    case 0x27: /* single quote */
++    case '\\':
++    case '`':
++      /* backslash special characters */
++      *p++ = '\\';
++      *p++ = ch;
++      break;
++    default:
++      *p++ = ch;
++    }
++  }
++
++  /* terminate string */
++  *p = '\0';
++
++  return dest;
++}
++
+ int REGPARAM
+ check_unzip (const char *pw)
+ {
+   char buff[1024];
++  char path[1024];
++  char escpw[256];
+   int status;
+ 
+-  sprintf (buff, "unzip -qqtP \"%s\" %s " DEVNULL, pw, file_path[0]);
++  escape_pw (escpw, pw);
++  path_for_shell (path, file_path[0]);
++
++  sprintf (buff, "unzip -qqtP \"%s\" %s " DEVNULL, escpw, path); 
++
+   status = system (buff);
+ 
+ #undef REDIR
+-- 
+1.7.1
+

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/fcrackzip.git