[issue10876] Zipfile crashes when zip password is set to 610/844/numerous other numbers
Antoine Pitrou
report at bugs.python.org
Mon Jan 10 12:34:41 CET 2011
Antoine Pitrou <pitrou at free.fr> added the comment:
Well, the password-checking scheme uses a one-byte check against the zip header for consistency.
So there is a (near) 1/256 chance of false positives, that is of bad passwords mistakenly detected as good; then the ZipFile class proceeds with unarchiving and that's where things fail (because the "decrypted" stream is really junk).
Therefore, I'd call it not a bug. If you want to crack a password, you need to trap this exception and interpret it as "bad password".
----------
nosy: +pitrou
resolution: -> invalid
status: open -> closed
type: crash -> behavior
versions: +Python 2.7, Python 3.1, Python 3.2 -Python 2.6
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue10876>
_______________________________________
More information about the Python-bugs-list
mailing list