From e1147d2f2eb98ef5a39a37fd63d98dae9a301ee2 Mon Sep 17 00:00:00 2001
From: Robin Krahl <robin.krahl@ireas.org>
Date: Sun, 23 Dec 2018 01:18:50 +0100
Subject: Return UTF-8 error when handling the passphrase

Currently, invalid UTF-8 code points in the passphrase returned by
pinentry are replaced with replacement characters by
`String::from_utf8_lossy`.  This patch changes the code to use
`String::from_utf8` and returns an UTF-8 error if encountered.
---
 nitrocli/src/commands.rs | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

(limited to 'nitrocli/src')

diff --git a/nitrocli/src/commands.rs b/nitrocli/src/commands.rs
index 4a33364..4f04684 100644
--- a/nitrocli/src/commands.rs
+++ b/nitrocli/src/commands.rs
@@ -101,10 +101,8 @@ pub fn open() -> Result<()> {
   let mut retry = 3;
   let mut error_msg: Option<&str> = None;
   loop {
-    // TODO: Rethink the usage of String::from_utf8_lossy here. We may
-    //       not want to silently modify the password!
     let passphrase = pinentry::inquire_passphrase(PIN_TYPE, error_msg)?;
-    let passphrase = String::from_utf8_lossy(&passphrase);
+    let passphrase = String::from_utf8(passphrase)?;
     match device.enable_encrypted_volume(&passphrase) {
       Ok(()) => return Ok(()),
       Err(err) => match err {
-- 
cgit v1.2.1