From 9e00fa2762fe317137885d6e81255997ff424748 Mon Sep 17 00:00:00 2001
From: fufesou <linlong1266@gmail.com>
Date: Wed, 20 May 2026 18:26:18 +0800
Subject: [PATCH] refact(password): check invalid with 01 when set salt

Signed-off-by: fufesou <linlong1266@gmail.com>
---
 src/config/permanent_password.rs | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/config/permanent_password.rs b/src/config/permanent_password.rs
index 4901c2fcc..cbef417dc 100644
--- a/src/config/permanent_password.rs
+++ b/src/config/permanent_password.rs
@@ -218,9 +218,12 @@ pub(super) fn password_is_empty_or_not_hashed(permanent_password_storage: &str)
     if decode_permanent_password_h1_from_storage(permanent_password_storage).is_some() {
         return false;
     }
-    let (_, decrypted, should_store) =
+    if permanent_password_storage.starts_with(PERMANENT_PASSWORD_ENC_VERSION) {
+        return false;
+    }
+    let (_, decrypted, looks_like_plaintext) =
         decrypt_str_or_original(permanent_password_storage, PASSWORD_ENC_VERSION);
-    decrypted || should_store
+    decrypted || looks_like_plaintext
 }
 
 #[cfg(test)]
@@ -424,4 +427,9 @@ mod tests {
 
         assert!(!password_is_empty_or_not_hashed(&locked_storage));
     }
+
+    #[test]
+    fn test_password_is_empty_or_not_hashed_treats_invalid_01_storage_as_hashed() {
+        assert!(!password_is_empty_or_not_hashed("01not-a-valid-hash"));
+    }
 }