Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)


Topic review


Re: 5.2.5+: Issue with passwords containing '%+' in sequence

Thanks for your report.

This bug has been added to the tracker:

I'm sending you a development version of WinSCP for testing.

5.2.5+: Issue with passwords containing '%+' in sequence

5.2.5 beta onward through the 5.5 release does not appear to be transmitting passwords correctly under certain circumstances if the password contains the percent sign and plus characters in sequence, e.g. 'L^k~5$_yP%+]9:J' will fail to log in while 'L^k~5$_yP%9+]:J' will succeed. Works fine through the GUI interface (WinSCP.exe), fails through the .Net library or console interface. I've only tested with FTP / FTPS servers, unknown if other protocols are affected. Have tested with two servers, 20 or so passwords, had three authentication failures, all with passwords containing '%+' in sequence.

I'm aware of the special character encoding required for '%' characters to work through the console version, both manually typing through the console and reviewing the .Net library output to the console it appears as far as I can tell that the special characters have all been properly encoded and WinSCP's interpretation of the encoded characters seems to be at fault.

Known conditions for this being an issue:
WinSCP version 5.2.5 beta or higher (5.2.4 beta and lower work fine back to 5.2.1 at least)
.Net library usage / console ( usage
actual FTP or FTPS-TLS connection

Windows 7 / Windows 2008
Visual Studio 2010 / .Net 4.0