[pass] [PATCH] Do not interpret backslashes when reading passwords

Sung Pae sungpae at gmail.com
Wed Oct 17 00:52:00 CEST 2012


The patch follows inline, and is also available at:


Thank you for the excellent software.


From fece73d3432b2698c710a98a6c16a15bcbd6bde6 Mon Sep 17 00:00:00 2001
From: guns <self at sungpae.com>
Date: Tue, 16 Oct 2012 17:28:15 -0500
Subject: [PATCH] Do not interpret backslashes when reading passwords

The `read` builtin accepts backslash notation for common non-printing
characters by default, like `\t` and `\n`. This requires that any
literal backslashes must also be escaped as `\\`.

Given that `gpg -e` does not interpret input, the `read` invocations are
changed to do the same.

Also, the right hand side of an `==` comparison within `[[ ]]` must be
quoted in order to suppress pattern metacharacter expansion. Quoting the
bash manual:

    When the == and != operators are used, the string to the right of
    the operator is considered a pattern and matched according to the
    rules described below under Pattern Matching.
 src/password-store.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/password-store.sh b/src/password-store.sh
index eabbb50..8dea924 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -261,11 +261,11 @@ case "$command" in
 			gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS
 		elif [[ $noecho -eq 1 ]]; then
 			while true; do
-				read -p "Enter password for $path: " -s password
+				read -r -p "Enter password for $path: " -s password
-				read -p "Retype password for $path: " -s password_again
+				read -r -p "Retype password for $path: " -s password_again
-				if [[ $password == $password_again ]]; then
+				if [[ $password == "$password_again" ]]; then
 					gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
@@ -273,7 +273,7 @@ case "$command" in
-			read -p "Enter password for $path: " -e password
+			read -r -p "Enter password for $path: " -e password
 			gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
 		git_add_file "$passfile" "Added given password for $path to store."

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20121016/9506d62c/attachment.asc>

More information about the Password-Store mailing list