login about faq

While testing the following method in the Chilkat.Prng class

public string RandomPassword(int length, bool mustIncludeDigit, bool upperAndLowercase, string mustHaveOneOf, string excludeChars)

I may have stumbled over a bug while running repeated tests. More specifically I ran the following code:

var required_chars = "!#$%&*+-=?@^_";
var excluded_chars = "iIlLoO01|";
for (int i = 0; i < 100; i++)
{
    var fortuna = new Chilkat.Prng();
    var generated = fortuna.RandomPassword(16, true, true, required_chars, excluded_chars);
    if (!generated.Any(m => required_chars.Contains(m))
    {
        break;
    }
}

Randomly the breakpoint is hit and the generated string is missing at least one of the required characters. At first I thought that the method did not account for required characters also being specified as excluded characters, but that is not the case here.

I ran another test with the following code and the result is the same, but may be caused by the digits 0 and 1 being excluded:

var required_chars = "0123456789";
var excluded_chars = "iIlLoO01|!#$%&*+-=?@^_";
for (int i = 0; i < 100; i++)
{
    var fortuna = new Chilkat.Prng();
    var generated = fortuna.RandomPassword(13, true, true, "", excluded_chars);
    if (!generated.Any(m => required_chars.Contains(m))
    {
        break;
    }
}

asked Nov 13 '15 at 13:27

roan98dk's gravatar image

roan98dk
326192034

edited Nov 13 '15 at 13:48


This is now fixed in the version that is soon to be released (v9.5.0.55)

link

answered Dec 18 '15 at 10:59

chilkat's gravatar image

chilkat ♦♦
11.8k316358420

I'll have a look. However, there is a bit of internal "road construction" underway this weekend, so getting a new build out may take longer than usual. You may want to find a workaround -- such as by testing and re-trying until a valid result is obtained.

link

answered Nov 13 '15 at 19:25

chilkat's gravatar image

chilkat ♦♦
11.8k316358420

No worries. So far I use this internally only and can live with random failures. Still it reveals that the method is not working perfectly and should be fixed at some point. Perhaps in relation to my other post about adding an overloaded method.

(Nov 14 '15 at 05:53) roan98dk

I would also recommend adding an internal check to reduce the risk of the process running indefinitely (I do not know if there is a timeout at some point). I saw this happen during unit testing of meaningless function arguments:

RandomPassword(13, false, false, "", "1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")

In other words I request a password, but exclude all possible characters. The method ought to return immediately with a null or empty string. Perhaps also set LastMethodSuccess as false and LastError* as "Invalid arguments. Include at least X number of characters.".

(Nov 17 '15 at 05:47) roan98dk

I also noticed that setting the length shorter than 6 characters does not set LastMethodSuccess as false. Shouldn't that be the case?

The LastError* is still set though:

ChilkatLog:
  RandomPassword:
    DllDate: Nov  4 2015
    ChilkatVersion: 9.5.0.54
    UnlockPrefix: XXX
    Username: XXX
    Architecture: Little Endian; 32-bit
    Language: .NET 4.5
    VerboseLogging: 0
    password length must be a minimum of 6 chars and no more than 512 chars.
    invalidLength: 4
  --RandomPassword
--ChilkatLog

I would also recommend adding the length requirement to the reference documentation.

link

answered Nov 17 '15 at 05:57

roan98dk's gravatar image

roan98dk
326192034

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×19
×6
×3
×3
×2

Asked: Nov 13 '15 at 13:27

Seen: 722 times

Last updated: Dec 18 '15 at 10:59

powered by OSQA