Fix: [zipplugin] Show password error.

[GongHeng2017]

-- When enter the right password, show password error. -- Not judge the Second password, so add code logic the adjust it.

Log: fix issue
Bug: https://pms.uniontech.com/bug-view-329305.html

Summary by Sourcery

Bug Fixes:

• Track the index of the last password-protected entry to return an error on a second wrong password input instead of continuously re-prompting

[sourcery-ai]

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

The patch enhances the password handling in extractFiles by introducing a tracking index for password prompts, ensuring that a second failed entry for the same file triggers an immediate error return instead of re-prompting indefinitely.

Sequence diagram for improved password error handling during extraction

sequenceDiagram
participant LibzipPlugin_extractFiles
participant PasswordNeededQuery
participant User
participant zip_archive

LibzipPlugin_extractFiles->>zip_archive: Attempt to extract file
alt Password required or wrong password
    LibzipPlugin_extractFiles->>PasswordNeededQuery: Prompt for password
    PasswordNeededQuery->>User: Request password
    User->>PasswordNeededQuery: Enter password
    PasswordNeededQuery->>LibzipPlugin_extractFiles: Return password
    LibzipPlugin_extractFiles->>zip_archive: Set password and retry
    alt Second wrong password for same file
        LibzipPlugin_extractFiles->>zip_archive: Close archive
        LibzipPlugin_extractFiles->>User: Show password error
    else Password correct or first wrong attempt
        LibzipPlugin_extractFiles->>zip_archive: Retry extraction
    end
end

Loading

Class diagram for updated password handling in LibzipPlugin

classDiagram
class LibzipPlugin {
  +extractFiles(files, options)
  -m_eErrorType
  -m_strPassword
  -m_bCancel
  +signalQuery(query)
}
class PasswordNeededQuery {
  +password()
  +waitForResponse()
}
LibzipPlugin "1" -- "1" PasswordNeededQuery : uses

Loading

File-Level Changes

Change	Details	Files
Implement tracking of password attempts and exit on second failure	Initialize lastNeedPasswordIndex to -1 before iterating entries Remove the old immediate wrong-password return block Add a guard that if lastNeedPasswordIndex equals current entry index, close archive, clear password, and return error After a password prompt, set lastNeedPasswordIndex to the current index and decrement i to retry	3rdparty/libzipplugin/libzipplugin.cpp

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[deepin-ci-robot]

deepin pr auto review

我来帮你审查这段代码的修改。这段代码主要处理压缩文件解压时的密码验证逻辑。

1. 语法逻辑：

• 代码语法正确，使用了C++的基本语法和Qt框架的特性
• 逻辑流程清晰，通过lastNeedPasswordIndex变量来跟踪密码验证失败的情况

2. 代码质量：

• 优点：
  • 增加了密码重试的防护机制，避免无限循环
  • 使用了有意义的变量名(lastNeedPasswordIndex)
  • 保持了原有的错误处理流程
• 可改进点：
  • 可以考虑将密码验证相关的逻辑抽取为单独的函数，提高代码可维护性
  • 建议添加注释说明lastNeedPasswordIndex变量的用途

3. 代码性能：

• 性能影响较小，只是增加了一个整型变量的比较操作
• 没有引入额外的性能开销

4. 代码安全：

• 优点：
  • 增加了对密码错误次数的控制，防止暴力破解
  • 在密码错误后及时清理密码字符串(m_strPassword = "")
• 可改进点：
  • 建议在密码验证失败时，增加更多的安全日志记录
  • 可以考虑限制密码重试次数，而不是仅依赖单次重试判断

具体改进建议：

// 建议将密码验证逻辑抽取为单独的函数
bool handlePasswordValidation(zip_int64_t currentIndex, zip_int64_t &lastNeedPasswordIndex, zip *archive, const QString &strFileName) {
    // 如果是同一文件的密码重试，直接返回失败
    if (lastNeedPasswordIndex == currentIndex) {
        zip_close(archive);
        m_strPassword = "";
        return false;
    }

    PasswordNeededQuery query(strFileName);
    emit signalQuery(&query);
    query.waitForResponse();

    if (query.responseCancelled()) {
        return false;
    } else {
        setPassword(query.password());
        zip_set_default_password(archive, m_strPassword.toUtf8().constData());
        lastNeedPasswordIndex = currentIndex;
        return true;
    }
}

// 在主函数中使用
if (ET_WrongPassword == m_eErrorType || ET_NeedPassword == m_eErrorType) {
    if (!handlePasswordValidation(i, lastNeedPasswordIndex, archive, strFileName)) {
        return PFT_Error;
    }
    i--;  // 重试当前文件
}

这样改进后的代码：

1. 提高了代码的可维护性和可读性
2. 将密码验证逻辑封装，便于后续修改和维护
3. 保持了原有的功能和安全特性
4. 代码结构更加清晰

总体来说，原始修改是合理的，主要解决了密码验证时的无限循环问题。建议的改进主要是从代码组织和可维护性角度出发。

[sourcery-ai]

Hey there - I've reviewed your changes and they look great!

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[deepin-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: GongHeng2017, lzwind

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• debian/deepin/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[GongHeng2017]

/merge