On Tuesday, November 22, 2022 at 1:21:47 AM UTC+1 [email protected]
wrote:
> Hi,
>
> While investigating another issue in the Project Monitor, I saw the
> following code in MonitorEditProject:
>
> [[[
> pEditProject->username = CStringUtils::Encrypt(dlg.m_sUsername);
> pEditProject->password = CStringUtils::Encrypt(dlg.m_sPassword);
> pEditProject->username.Remove('\r');
> pEditProject->password.Remove('\r');
> pEditProject->username.Replace('\n', ' ');
> pEditProject->password.Replace('\n', ' ');
> ]]]
>
> Is there a guarantee that CryptBinaryToStringW (called by Encrypt) cannot
> return \r or \n in the encrypted (and formatted) data?
>
> The code was added in r25576. In r25909, the flag CRYPT_STRING_NOCRLF was
> added in the call to CryptBinaryToStringW.
>
Now that we don't support WinXP anymore, the string operations to
remove/replace newlines can be removed. But for XP it was necessary because
the CRYPT_STRING_NOCRLF option doesn't work on XP, which means there the
CryptBinaryToStringW API always appended a newline.
Stefan
--
You received this message because you are subscribed to the Google Groups
"TortoiseSVN-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/tortoisesvn-dev/43e25f7f-5889-4d79-9e82-8c3b085a8368n%40googlegroups.com.
