diff options
| author | Vincent Bernat <vincent@bernat.ch> | 2019-02-08 11:26:32 +0100 |
|---|---|---|
| committer | Tad Fisher <129148+tadfisher@users.noreply.github.com> | 2020-09-12 12:46:09 -0700 |
| commit | 42307e4ec3f226547e4742f25cd92aa39db53627 (patch) | |
| tree | f0954cad320870f7531d0fe37bd23fb6b2308b65 | |
| parent | 6328ba84dba608209cece19dd08a1af76bd57fe8 (diff) | |
Do not remove password when new line is missing
If the password file doesn't end with a new line, the last line is
ignored because `read -r` will return a non-zero status, while still
setting the `$line` variable. Some implementations of pass, like
`gopass` do not create a password file ending with a new line.
Therefore, using `pass otp append` on these files will result in the
password being remove from the file.
To fix that, we ensure we insert the new line if it is missing.
I have added a test, but this is not enough to catch the problem
because `pass` will add the new line even when it is missing (for
example, using `echo -n | pass insert -e passfile` won't help to
trigger the bug).
| -rwxr-xr-x | otp.bash | 2 | ||||
| -rwxr-xr-x | test/append.t | 10 |
2 files changed, 11 insertions, 1 deletions
@@ -268,7 +268,7 @@ cmd_otp_append() { [[ -f $passfile ]] || die "Passfile not found" local existing contents="" - while IFS= read -r line; do + while IFS= read -r line || [ -n "$line" ]; do [[ -z "$existing" && "$line" == otpauth://* ]] && existing="$line" [[ -n "$contents" ]] && contents+=$'\n' contents+="$line" diff --git a/test/append.t b/test/append.t index 7f6d0af..a773e62 100755 --- a/test/append.t +++ b/test/append.t @@ -133,4 +133,14 @@ EOF [[ $("$PASS" show passfile) == "$expected" ]] ' +test_expect_success 'Keep original password' ' + existing="foo bar baz" + uri="otpauth://totp/Example:alice@google.com?secret=JBSWY3DPEHPK3PXP&issuer=Foo" + + test_pass_init && + "$PASS" insert -e passfile <<< "$existing" && + "$PASS" otp append -e passfile <<< "$uri" && + [[ $("$PASS" show passfile | head -1) == "$existing" ]] +' + test_done |