[PATCH] Do not add newline at the end of the password
Daniel Mach
daniel.mach at suse.com
Thu Apr 14 12:20:44 UTC 2022
On 14. 04. 22 13:52, Byron Torres wrote:
> On Thu Apr 14, 2022 at 12:26 PM BST, Daniel Mach wrote:
> ->%-
>> - echo "$pass" | $BASE64 -d
>> + echo -n "$pass" | $BASE64 -d
>> + echo >&2
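Review bot: The 'echo >&2' added after the decode writes a newline to stderr on every call, whether or not stdout is a terminal, so a caller that captures or logs stderr now gets a stray blank line. Consider emitting it only when stdout is a tty, for example guarded by '[ -t 1 ]', or add a comment saying why it is needed. Note also that the '-n' here only changes the encoded input piped into $BASE64 -d, not what the decoder prints.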
> ->%-
>> - echo "$password" | $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" "${GPG_OPTS[@]}" || die "Password encryption aborted."
>> + echo -n "$password" | $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" "${GPG_OPTS[@]}" || die "Password encryption aborted."
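Review bot: 'echo -n "$password"' still lets echo parse the password itself as an option. With bash's builtin echo (the array expansions on this line imply bash), a password made up only of option letters, such as -e or -n, is swallowed and an empty plaintext is encrypted. Piping printf '%s' "$password" into $GPG writes the value byte for byte and needs no -n.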
> ->%-
>> - echo "$password" | $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" "${GPG_OPTS[@]}" || die "Password encryption aborted."
>> + echo -n "$password" | $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" "${GPG_OPTS[@]}" || die "Password encryption aborted."
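Review bot: Missing documentation for the format change at this second call site: the plaintext handed to $GPG no longer ends in a newline, so entries written after the patch differ by one byte from entries written before it. The commit message should say whether readers of existing entries have to handle both forms, and a test that decrypts a freshly written entry and checks its last byte would pin the behaviour down.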
> It should be noted that echo is notoriously buggy and unpredictable when
> it comes to '-x' options like '-n' or '-e'. Some echo implementations
> ignore or misuse them.
>
> It is much more reliable to use printf.
>
> printf '%s' "$pass" | $BASE64 -d
> printf '\n' >&2
>
> printf '%s' "$password" | $GPG ...
>
> I'm not familiar with the source code, but I'd imagine virtually all
> instances of echo shouldn't be there, and should instead be printf
> statements. Perhaps pass(1) relies on the usage of specific shells,
> specific versions of said shells, and specific builtin implementations
> of POSIX utilities, namely bash and its builtin echo. I'd say that
> isn't good. I digress.
>
> And worth noting, if one is to use certain non-POSIX syntax in printf,
> like '\xNN' hexadecimal representations, it is wise to use the installed
> printf, not the shell builtin printf.
>
> env printf '\x1b[31mRED TEXT\x1b[m\n'
>
I think this is out of scope of my patch, because pass uses 'echo -n' in
several other places already and I'd have to change them as well.
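
The difference between the three forms discussed in this thread, as an added example that is not part of the original messages or of pass itself. It hex-dumps what each command really writes; the function names are hypothetical and the secrets are constructed sample values.

```shell
#!/bin/sh
# Added example, not code from pass. Function names are hypothetical and the
# secrets are constructed sample values.

# hex_of: hex-encode stdin, so a trailing newline survives $(...) capture.
hex_of() { od -An -v -tx1 | tr -d ' \n'; }

# emit METHOD SECRET: write SECRET the way each variant in the thread does.
emit() {
    case $1 in
        echo)   echo "$2" ;;          # line before the patch
        echo-n) echo -n "$2" ;;       # line after the patch
        printf) printf '%s' "$2" ;;   # form suggested in the reply
    esac
}

# verdict METHOD SECRET: "exact" if only the secret's bytes were written,
# "extra-newline" if one 0x0a followed them, "altered" for anything else.
verdict() {
    want=$(printf '%s' "$2" | hex_of)
    got=$(emit "$1" "$2" | hex_of)
    if [ "$got" = "$want" ]; then
        echo exact
    elif [ "$got" = "${want}0a" ]; then
        echo extra-newline
    else
        echo altered
    fi
}

# report: print the verdict table; echo rows can differ between shells.
report() {
    for secret in 'hunter2' '-n' '-e' 'a\tb'; do
        for method in echo echo-n printf; do
            printf '%-7s %-8s %s\n' "$method" "$secret" \
                "$(verdict "$method" "$secret")"
        done
    done
}

report
```

The printf rows read "exact" for every secret; the echo and echo-n rows for '-n', '-e' and 'a\tb' depend on which shell runs the script.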