Bug#413055: kdelibs4c2a: KDE widget that accepts password behaves wrong when keyboard layout is not US

Wed, 01 Aug 2007 23:07:30 -0700 

On Friday 20 July 2007 00:12, Sune Vuorela wrote:
> One thing I don't fully understand in your bug report. Is it just a
> 'cosmetic' issue - or does logging in not work?
> What if you use backspace? do one or two stars dissapear ?

Ok. I have found the bug and written the patch. The bug is in KPasswordEdit 
widget. The author has chosen to store password in a raw char[] array (maybe, 
for security reasons). When the password field was updated, it printed as
many * as the length of this array. Backspace deleted only one char, that
is a half of UTF-8 cyrillic char, so this is definitely a bug.

I've tested it with latin and cyrillic passwords, both works!.

-- 
  Max

diff -Nrua sources/kdelibs-3.5.5a.dfsg.1/kdeui/kpassdlg.cpp kdelibs-3.5.5a.dfsg.1/kdeui/kpassdlg.cpp
--- sources/kdelibs-3.5.5a.dfsg.1/kdeui/kpassdlg.cpp	2006-01-19 20:07:18.000000000 +0300
+++ kdelibs-3.5.5a.dfsg.1/kdeui/kpassdlg.cpp	2007-08-02 05:43:09.000000000 +0400
@@ -205,7 +205,12 @@
 	if (e->state() & (ControlButton | AltButton))
 	    e->ignore();
 	else if (m_Length) {
-	    m_Password[--m_Length] = '\000';
+            QString tmp(QString::fromLocal8Bit(m_Password));
+            tmp.truncate(tmp.length() - 1);
+
+            const QCString localTxt = tmp.local8Bit();
+            qstrncpy(m_Password, localTxt, maxPasswordLength());
+	    m_Length = localTxt.length();
 	    showPass();
 	}
 	break;
@@ -261,15 +266,15 @@
 
 void KPasswordEdit::showPass()
 {
-    QString tmp;
+    QString tmp(QString::fromLocal8Bit(m_Password));
 
     switch (m_EchoMode) {
     case OneStar:
-	tmp.fill('*', m_Length);
+	tmp.fill('*');
 	setText(tmp);
 	break;
     case ThreeStars:
-	tmp.fill('*', m_Length*3);
+	tmp.fill('*', tmp.length()*3);
 	setText(tmp);
 	break;
     case NoEcho: default:
@@ -283,7 +288,7 @@
     if (newLength >= PassLen) newLength = PassLen - 1; // belt and braces
     if (newLength < 0) newLength = 0;
     int* t = ourMaxLength(this);
-    *t = newLength; 
+    *t = newLength;
     while (m_Length > newLength) {
         m_Password[m_Length] = '\000';
         --m_Length;
@@ -625,7 +630,7 @@
 
       const double lengthFactor = d->reasonablePasswordLength / 8.0;
 
-      
+
       int pwlength = (int) (pass.length() / lengthFactor);
       if (pwlength > 5) pwlength = 5;
 
@@ -646,7 +651,7 @@
       if ( pwstrength < 0 ) {
 	      pwstrength = 0;
       }
-  
+
       if ( pwstrength > 100 ) {
 	      pwstrength = 100;
       }

Reply via email to