| Subject: | Database version-check syntax bad |
Because of Perl operator precedence, parentheses are needed in the tests of database version. Without this fix, the current KeePass 2.26 database format (version 3) passes the v2 test, and the program fails later on in header parsing since version 3 is not supported.
The attached patch fixes the logic to give the correct "Unsupported file" message.
| Subject: | db-version-check.patch |
--- KeePass.pm 2012-09-15 18:09:42.000000000 -0400
+++ KeePass.pm 2014-05-28 14:22:35.747835636 -0400
@@ -137,7 +137,7 @@
my @f = qw(sig1 sig2 flags ver seed_rand enc_iv n_groups n_entries checksum seed_key rounds);
my $t = 'L L L L a16 a16 L L a32 a32 L';
@h{@f} = unpack $t, $buffer;
- die "Unsupported file version ($h{'ver'}).\n" if $h{'ver'} & 0xFFFFFF00 != DB_VER_DW_V1 & 0xFFFFFF00;
+ die "Unsupported file version ($h{'ver'}).\n" if ($h{'ver'} & 0xFFFFFF00) != (DB_VER_DW_V1 & 0xFFFFFF00);
$h{'enc_type'} = ($h{'flags'} & DB_FLAG_RIJNDAEL) ? 'rijndael'
: ($h{'flags'} & DB_FLAG_TWOFISH) ? 'twofish'
: die "Unknown encryption type\n";
@@ -148,7 +148,7 @@
my ($self, $buffer) = @_;
my %h = (version => 2, enc_type => 'rijndael');
@h{qw(sig1 sig2 ver)} = unpack 'L3', $buffer;
- die "Unsupported file version2 ($h{'ver'}).\n" if $h{'ver'} & 0xFFFF0000 > 0x00020000 & 0xFFFF0000;
+ die "Unsupported file version2 ($h{'ver'}).\n" if ($h{'ver'} & 0xFFFF0000) > (0x00020000 & 0xFFFF0000);
my $pos = 12;
while (1) {