From b6716c4d309036082471be9a7d0c68949b0ee44b Mon Sep 17 00:00:00 2001 From: Henry Rovner Date: Mon, 6 Nov 2023 11:17:24 -0800 Subject: [PATCH] secret-tool: Verify that the parsed stdin password is vaild UTF-8 --- tool/secret-tool.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/tool/secret-tool.c b/tool/secret-tool.c index 642d9c0..95c05f5 100644 --- a/tool/secret-tool.c +++ b/tool/secret-tool.c @@ -272,9 +272,13 @@ read_password_stdin (void) } } - /* TODO: Verify that the password really is utf-8 text. */ - return secret_value_new_full (password, length, "text/plain", + if (g_utf8_validate (password, -1, NULL)) { + return secret_value_new_full (password, length, "text/plain", (GDestroyNotify)secret_password_free); + } else { + g_printerr ("%s: password not valid UTF-8\n", g_get_prgname ()); + exit (1); + } } static SecretValue *