subject:"\[Bug 350640\] Re\: unzip shell call"

[Bug 350640] Re: unzip shell call

2011-04-22 Thread Brian Murray

Natty has the version of fcrackzip with the patch.

9:54:00 - flash:[/tmp] rmadison fcrackzip
 fcrackzip |  0.3-2 | dapper/universe | source, amd64, i386, powerpc
 fcrackzip |  0.3-2 | hardy/universe | source, amd64, i386
 fcrackzip | 1.0-0ubuntu1 | karmic/universe | source, amd64, i386
 fcrackzip |  1.0-1 | lucid/universe | source, amd64, i386
 fcrackzip |  1.0-1 | maverick/universe | source, amd64, i386
 fcrackzip |  1.0-2 | natty/universe | source, amd64, i386

** Changed in: fcrackzip (Ubuntu)
   Status: Triaged = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/350640

Title:
  unzip shell call

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 350640] Re: unzip shell call

2011-04-21 Thread Jari Aalto

Already included in Debian fcrackzip/1.0-2. See

http://patch-
tracker.debian.org/patch/series/view/fcrackzip/1.0-2/20-bug-430387
-cannot-deal-files-with-special-chars.patch

This bug can be closed.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/350640

Title:
  unzip shell call

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 350640] Re: unzip shell call

2010-08-04 Thread Brian Murray

** Changed in: fcrackzip (Ubuntu)
   Status: Confirmed = Triaged

** Changed in: fcrackzip (Ubuntu)
   Importance: Undecided = Medium

** Changed in: fcrackzip (Debian)
   Status: Won't Fix = New

-- 
unzip shell call
https://bugs.launchpad.net/bugs/350640
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 350640] Re: unzip shell call

2010-08-01 Thread Richard Corner

Should I be creating a new bug? It seems that Debian has the problem
with unescaped characters in the file path marked as fixed (Debian bug
#430387), but the problem with unescaped characters in passwords seems
to remain.

-- 
unzip shell call
https://bugs.launchpad.net/bugs/350640
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 350640] Re: unzip shell call

2010-08-01 Thread Brian Murray

** Tags added: patch

-- 
unzip shell call
https://bugs.launchpad.net/bugs/350640
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 350640] Re: unzip shell call

2010-07-31 Thread Richard Corner

I experience the same problem as Alex Harrington in Lucid, with the same
version of fcrackzip.

Not only the file path but the password string is passed on the shell
command line to unzip. So it seems the passwords should also be escaped
for the shell's consumption.

I attach a patch that I think fixes the issue.

** Patch added: Patch to escape passwords and paths in shell command to unzip
   http://launchpadlibrarian.net/52808029/FixEscapes.patch

** Changed in: fcrackzip (Ubuntu)
   Status: Fix Released = In Progress

** Changed in: fcrackzip (Ubuntu)
   Status: In Progress = Confirmed

-- 
unzip shell call
https://bugs.launchpad.net/bugs/350640
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 350640] Re: unzip shell call

2010-07-20 Thread Alex Harrington

Sorry if I've missed something but I'm still seeing this on Lucid:

$ apt-cache policy fcrackzip
fcrackzip:
  Installed: 1.0-1
  Candidate: 1.0-1
  Version table:
 *** 1.0-1 0
500 http://gb.archive.ubuntu.com/ubuntu/ lucid/universe Packages
100 /var/lib/dpkg/status

$ fcrackzip -u --brute-force myzip.zip

I get lots of these output:

sh: Syntax error: Unterminated quoted string
sh: Syntax error: Missing '))'

Same if I use a dictionary with the -D -p english.dic syntax too.

Alex

-- 
unzip shell call
https://bugs.launchpad.net/bugs/350640
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 350640] Re: unzip shell call

2010-02-11 Thread Brian Murray

This seems to have been solved a different way but fixed nonetheless in
Lucid.

char *
path_for_shell (char *dest, const char *str)
{
  /* backslash shell special charatcers */

  char ch, *p = dest;
  size_t len = strlen(str);
  int i;

  for (i = 0; i  len; i++)
  {
ch = str[i];

switch (ch)
{
/* ASCII table order */
case '!':
case '':
case '#':
case '$':
case '':
case 0x27: /* single quote */
case '(':
case ')':
case '*':
case '+':
case 0x2C:
case ':':
case ';':
case '':
case '':
case '?':
case '[':
case '\\':
case ']':
case '^':
case '`':
case '{':
case '|':
case '}':
  /* backslash special characters */
  *p++ = '\\';
  *p++ = ch;
  break;
default:
  *p++ = ch;
}
  }

  /* terminate string */
  *p = '\0';

  return dest;
}

** Changed in: fcrackzip (Debian)
   Status: New = Won't Fix

** Changed in: fcrackzip (Ubuntu)
   Status: New = Fix Released

-- 
unzip shell call
https://bugs.launchpad.net/bugs/350640
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 350640] Re: unzip shell call

2009-03-30 Thread Brian Murray

** Also affects: fcrackzip (Debian)
   Importance: Undecided
   Status: New

-- 
unzip shell call
https://bugs.launchpad.net/bugs/350640
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 350640] Re: unzip shell call

2009-03-28 Thread Tomas Jakstas


** Attachment added: Simple escape
   http://launchpadlibrarian.net/24467757/diff

-- 
unzip shell call
https://bugs.launchpad.net/bugs/350640
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 350640] Re: unzip shell call

[Bug 350640] Re: unzip shell call

[Bug 350640] Re: unzip shell call

[Bug 350640] Re: unzip shell call

[Bug 350640] Re: unzip shell call

[Bug 350640] Re: unzip shell call

[Bug 350640] Re: unzip shell call

[Bug 350640] Re: unzip shell call

[Bug 350640] Re: unzip shell call

[Bug 350640] Re: unzip shell call

10 matches

Site Navigation

Mail list logo

Footer information