subject:"\[issue29739\] zipfile raises wrong exception for some incorrect passwords"

[issue29739] zipfile raises wrong exception for some incorrect passwords

2021-11-23 Thread Irit Katriel

Change by Irit Katriel : -- resolution: -> not a bug stage: -> resolved status: open -> closed ___ Python tracker ___ ___ Python-b

[issue29739] zipfile raises wrong exception for some incorrect passwords

2017-06-18 Thread Jack Cushman

Jack Cushman added the comment: Agreed that no one should be using zip encryption. :) I hit this issue working on an academic exercise. I'm fine with closing this. (I do think the exception types in zipfile set up a trap for the programmer here: Python throws a different exception type 1/256

[issue29739] zipfile raises wrong exception for some incorrect passwords

2017-06-18 Thread Serhiy Storchaka

Serhiy Storchaka added the comment: Actually this feature helps to do the brute-force attack. 255 of 256 passwords can be rejected by testing only the header. Old ZIP files encryption is very weak, it isn't used in serious applications. -- nosy: +r.david.murray status: open -> pending

[issue29739] zipfile raises wrong exception for some incorrect passwords

2017-03-07 Thread Serhiy Storchaka

Serhiy Storchaka added the comment: I don't think that this makes much sense. The exception raised for wrong password is not documented, even the fact that some exception is raised is not documented. In very rare cases you can read a data without any error using wrong password, but the result

[issue29739] zipfile raises wrong exception for some incorrect passwords

2017-03-07 Thread Jack Cushman

Jack Cushman added the comment: Ah, thanks! That makes sense. I see it's documented in "man unzip" as well: "The correct password will always check out against the header, but there is a 1-in-256 chance that an incorrect password will as well. (This is a security feature of the PKWARE zipfile

[issue29739] zipfile raises wrong exception for some incorrect passwords

2017-03-06 Thread Serhiy Storchaka

Serhiy Storchaka added the comment: ZIP file has something like 8-bit control sum for checking the validity of the password. With the chance 1/256 the check is passed for wrong password. This is unavoidable. -- ___ Python tracker

[issue29739] zipfile raises wrong exception for some incorrect passwords

2017-03-06 Thread Xiang Zhang

Changes by Xiang Zhang : -- nosy: +serhiy.storchaka ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: https://mai

[issue29739] zipfile raises wrong exception for some incorrect passwords

2017-03-06 Thread Jack Cushman

New submission from Jack Cushman: This bug arises when attempting to unzip a password-protected zipfile using the wrong password. Usually when zipfile extraction is attempted with an incorrect password, zipfile raise `RuntimeError("Bad password for file")`. But for a small subset of passwords

[issue29739] zipfile raises wrong exception for some incorrect passwords

[issue29739] zipfile raises wrong exception for some incorrect passwords

[issue29739] zipfile raises wrong exception for some incorrect passwords

[issue29739] zipfile raises wrong exception for some incorrect passwords

[issue29739] zipfile raises wrong exception for some incorrect passwords

[issue29739] zipfile raises wrong exception for some incorrect passwords

[issue29739] zipfile raises wrong exception for some incorrect passwords

[issue29739] zipfile raises wrong exception for some incorrect passwords

8 matches

Site Navigation

Mail list logo

Footer information