Update to upstream 2.5+dfsg

[git-debrebase anchor: new upstream 2.5+dfsg, merge]

10 files changed, 162 insertions, 16 deletions

diff --git a/.gitignore b/.gitignore
index 2a522d5..eabe448 100644
--- a/.gitignore
+++ b/.gitignore
@@ -24,5 +24,6 @@ zxcvbn.dict
 test-*file
 test-*line
 test-*lib
+test-internals
 dictgen
 dict-*.h
diff --git a/README.md b/README.md
index 1fe31e7..2833487 100644
--- a/README.md
+++ b/README.md
@@ -71,6 +71,10 @@ end of the password, 1.7 bits for each part in the middle of a password and noth
 for the part at the beginning. This gives similar results compared to the CoffeeScript
 version when there are 4 or less parts, but will differ significantly when there are many
 parts (which is likely to be a rare occurrence).
+* Only the first 100 characters of a password are used in the full entropy estimation calculation.
+This length is given by the ZXCVBN_DETAIL_LEN preprocessor macro and can be altered on the
+compiler command line. The remaining characters are given a low entropy value, roughly equivalent
+to incrementing sequence of the same length.
 
 
 ## References
diff --git a/dict-generate.cpp b/dict-generate.cpp
index 711124d..9fcc95d 100644
--- a/dict-generate.cpp
+++ b/dict-generate.cpp
@@ -889,7 +889,7 @@ void CreateArrays(NodeSPtr Root, StringIntSet_t & StrSet, StringOfInts & ChildAd
     }
     if (x >= (1 << BITS_CHILD_MAP_INDEX))
     {
-        char Tmp[20];
+        char Tmp[24];
         snprintf(Tmp, sizeof Tmp, "%lu", x);
         throw string("Not enough bits for child map index value of ") + Tmp + " for " +
                 Its->s + " (BITS_CHILD_MAP_INDEX too small)";
diff --git a/makefile b/makefile
index 40c88f2..399bccc 100644
--- a/makefile
+++ b/makefile
@@ -44,7 +44,7 @@ test-inline: test.c zxcvbn-inline.o
 	$(CC) $(CPPFLAGS) $(CFLAGS) \
 		-o test-inline test.c zxcvbn-inline.o $(LDFLAGS) -lm
 
-test-internals: test-internals.c zxcvbn.c dict-crc.h zxcvbn.h
+test-internals: test-internals.c zxcvbn.c dict-src.h dict-crc.h zxcvbn.h
 	$(CC) $(CPPFLAGS) $(CFLAGS) \
 		-o test-internals test-internals.c $(LDFLAGS) -lm
 
diff --git a/rpm/libzxcvbn-2.4-makefile-install.patch b/rpm/libzxcvbn-2.4-makefile-install.patch
new file mode 100644
index 0000000..763d71d
--- /dev/null
+++ b/rpm/libzxcvbn-2.4-makefile-install.patch
@@ -0,0 +1,38 @@
+--- zxcvbn-c-2.4.orig/makefile	2018-08-29 13:59:20.000000000 -0700
++++ zxcvbn-c-2.4/makefile	2019-09-28 12:10:36.000000000 -0700
+@@ -13,6 +13,8 @@
+ TARGET_LIB = libzxcvbn.so.0.0.0
+ SONAME = libzxcvbn.so.0
+ 
++LIBDIR := $(or $(LIBDIR),$(/usr/lib))
++
+ WORDS = words-eng_wiki.txt words-female.txt words-male.txt words-passwd.txt words-surname.txt words-tv_film.txt
+ 
+ all: test-file test-inline test-c++inline test-c++file test-shlib test-statlib test-internals
+@@ -44,7 +46,7 @@
+ 	$(CC) $(CPPFLAGS) $(CFLAGS) \
+ 		-o test-inline test.c zxcvbn-inline.o $(LDFLAGS) -lm
+ 
+-test-internals: test-internals.c zxcvbn.c dict-crc.h zxcvbn.h
++test-internals: test-internals.c zxcvbn.c dict-src.h dict-crc.h zxcvbn.h
+ 	$(CC) $(CPPFLAGS) $(CFLAGS) \
+ 		-o test-internals test-internals.c $(LDFLAGS) -lm
+ 
+@@ -101,6 +103,17 @@
+ 	./test-c++inline -t testcases.txt
+ 	@echo Finished
+ 
++package: $(TARGET_LIB) libzxcvbn.a dict-crc.h dict-src.h
++
++install: package
++	mkdir -p $(DESTDIR)/usr/{include,share}/zxcvbn $(DESTDIR)/usr/bin $(DESTDIR)$(LIBDIR)
++	install -m 0644 *.h $(DESTDIR)/usr/include/zxcvbn
++	install -m 0644 $(TARGET_LIB) libzxcvbn.a $(DESTDIR)$(LIBDIR)
++	ln -s $(TARGET_LIB) $(DESTDIR)$(LIBDIR)/$(SONAME)
++	ln -s $(SONAME) $(basename $(DESTDIR)$(LIBDIR)/$(SONAME))
++	install -m 0755 dictgen $(DESTDIR)/usr/bin/zxcvbn-dictgen
++	install -m 0644 zxcvbn.dict $(DESTDIR)/usr/share/zxcvbn
++
+ clean:
+ 	rm -f test-file zxcvbn-file.o test-c++file zxcvbn-c++file.o 
+ 	rm -f test-inline test-internals zxcvbn-inline.o zxcvbn-inline-pic.o test-c++inline zxcvbn-c++inline.o
diff --git a/rpm/libzxcvbn.spec b/rpm/libzxcvbn.spec
new file mode 100644
index 0000000..7985c91
--- /dev/null
+++ b/rpm/libzxcvbn.spec
@@ -0,0 +1,65 @@
+Summary: A library for password entropy checking
+Name: libzxcvbn
+Version: 2.4
+Release: 3%{?dist}
+License: MIT
+Source0: https://github.com/tsyrogit/zxcvbn-c/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
+Patch1: libzxcvbn-2.4-makefile-install.patch
+
+# For some reason adding the libzxcvbn.so in the Makefile messes up the provides
+%define ldversion 0
+Provides: libzxcvbn.so.%{ldversion}()(%{__isa_bits}bit)
+
+%global reponame zxcvbn-c
+
+%description
+This is a library for password entropy checks based on common names, words and
+patterns in US English.
+
+%package devel
+Group: Development/Libraries
+Summary: Support for development of applications using the libzxcvbn library
+Requires: libzxcvbn%{?_isa} = %{version}-%{release}
+Requires: pkgconfig
+
+%description devel
+Files needed for development of applications using the libzxcvbn library.
+
+%prep
+%setup -q -n %{reponame}-%{version}
+%patch1 -p1 -b .makefile-install
+
+%build
+make %{?_smp_mflags} package
+
+%install
+make install DESTDIR=$RPM_BUILD_ROOT LIBDIR=%{_libdir} INSTALL='install -p'
+
+%check
+make test
+
+%post -p /sbin/ldconfig
+
+%postun -p /sbin/ldconfig
+
+%files
+%defattr(-,root,root,-)
+%doc README.md LICENSE.txt
+%{_bindir}/zxcvbn-dictgen
+%{_libdir}/libzxcvbn.so*
+%{_datarootdir}/zxcvbn/zxcvbn.dict
+
+%files devel
+%defattr(-,root,root,-)
+%{_includedir}/zxcvbn/*.h
+%{_libdir}/libzxcvbn.a
+
+%changelog
+* Sun Oct 6 2019 Erik Ogan <erik@stealthymonkeys.com> 2.4-3
+- Add make test to %check
+
+* Sat Sep 28 2019 Erik Ogan <erik@stealthymonkeys.com> 2.4-2
+- Add libzxcvbn.so link so ld can find the library
+
+* Sat Sep 21 2019 Erik Ogan <erik@stealthymonkeys.com> 2.4-1
+- Initial Spec
diff --git a/test.c b/test.c
index df2b41f..82ab295 100644
--- a/test.c
+++ b/test.c
@@ -75,6 +75,8 @@ static void CalcPass(const char *Pwd, int Quiet)
                 case SEQUENCE_MATCH:                  printf("  Type: Sequence       ");   break;
                 case SPATIAL_MATCH:                   printf("  Type: Spatial        ");   break;
                 case DATE_MATCH:                      printf("  Type: Date           ");   break;
+                case YEAR_MATCH:                      printf("  Type: Year           ");   break;
+                case LONG_PWD_MATCH:                  printf("  Type: Extra-long     ");   break;
                 case BRUTE_MATCH+MULTIPLE_MATCH:      printf("  Type: Bruteforce(Rep)");   break;
                 case DICTIONARY_MATCH+MULTIPLE_MATCH: printf("  Type: Dictionary(Rep)");   break;
                 case DICT_LEET_MATCH+MULTIPLE_MATCH:  printf("  Type: Dict+Leet(Rep) ");   break;
@@ -84,6 +86,8 @@ static void CalcPass(const char *Pwd, int Quiet)
                 case SEQUENCE_MATCH+MULTIPLE_MATCH:   printf("  Type: Sequence(Rep)  ");   break;
                 case SPATIAL_MATCH+MULTIPLE_MATCH:    printf("  Type: Spatial(Rep)   ");   break;
                 case DATE_MATCH+MULTIPLE_MATCH:       printf("  Type: Date(Rep)      ");   break;
+                case YEAR_MATCH+MULTIPLE_MATCH:       printf("  Type: Year(Rep)      ");   break;
+                case LONG_PWD_MATCH+MULTIPLE_MATCH:   printf("  Type: Extra-long(Rep)");   break;
 
                 default:                printf("  Type: Unknown%d ", p->Type);   break;
             }
@@ -112,7 +116,7 @@ static void CalcPass(const char *Pwd, int Quiet)
 
 int DoChecks(char *file)
 {
-    char Line[500];
+    char Line[5000];
     int y = 0;
     int w = 0;
     int r = 0;
@@ -170,7 +174,7 @@ int DoChecks(char *file)
         }
 
         Ent = atof(t);
-        if ((Ent < 0.0) || (Ent > 1000.0))
+        if ((Ent < 0.0) || (Ent > 10000.0))
         {
             printf("Bad entropy value on line %d\n", y);
             r = 1;
@@ -254,11 +258,11 @@ int main(int argc, char **argv)
         }
         return 0;
     }
-    i = 1+Quiet;
+    i = 1+Quiet+White;
     if (i >= argc)
     {
         /* No test passwords on command line, so get them from stdin */
-        char Line[500];
+        char Line[5000];
         while(fgets(Line, sizeof Line, stdin))
         {
             /* Drop the trailing newline character */
diff --git a/testcases.txt b/testcases.txt
index cebb51c..ac22cbf 100644
--- a/testcases.txt
+++ b/testcases.txt
@@ -62,5 +62,10 @@ quvpzquvpz               24.50
 #-- with UK KBD  (US-KBD=17.08)
 jkl;'#                   11.12
 
-magicfavoriteunclepromisedpublicbotherislandjimseriouslycellleadknowingbrokenadvicesomehowpaidblairlosingpushhelpedkillingusuallyearlierbosslaurabeginninglikedinnocentdocruleselizabethsabrinasummerexcoplearnedthirtyrisklettingphillipspeakingofficerridiculoussupportafternoonericwithsobutallwellareheohaboutrightyou're   545.9
-
+# Only first 100 chars have full estimation, extras are processed as repeated digits
+magicfavoriteunclepromisedpublicbotherislandjimseriouslycellleadknowingbrokenadvicesomehowpaidblair      180.29
+magicfavoriteunclepromisedpublicbotherislandjimseriouslycellleadknowingbrokenadvicesomehowpaidblairl     186.74
+magicfavoriteunclepromisedpublicbotherislandjimseriouslycellleadknowingbrokenadvicesomehowpaidblairlo    189.49
+magicfavoriteunclepromisedpublicbotherislandjimseriouslycellleadknowingbrokenadvicesomehowpaidblairlos   190.07
+magicfavoriteunclepromisedpublicbotherislandjimseriouslycellleadknowingbrokenadvicesomehowpaidblairlosingpushhelpedkillingusuallyearlierbosslaurabeginninglikedinnocentdocruleselizabethsabrinasummerexcoplearnedthirtyrisklettingphillipspeakingofficerridiculoussupportafternoonericwithsobutallwellareheohaboutrightyou're    197.44
++hHzpZl9fGXayK7LrIBgf+OFnUqyc9IoEI6+7So6ZxMosVd7zYblwaJXKItd2RbYCi95wPGEE4i2Emh+g5qGuR0DaJ84ATzhp9r9IWJdoVxTtfgdDfg925wJ2/w8wJyHEZfQzuZPXl4UhWQ1lFf/PM4bn/FOaYVhnj7DpdXeymC8AxLsV3j4UQ5spQ7XHGNh5OKYW0JvuHxXZzMdvqQsL7pSw/EY29c+Fq8aDdZJR8hbu7XNJ6+hfIUNu/xN8aNXGQCCbRrx36lcgLw2E4mcSXoD88GcClGsKRO6mhEJXzwGWsDBXv5xuw4Mg3WQBo3BVoHD1763xewPw+NFqVCsIwdVUgtSnIsjJ6AmCvUCRE0ehO4TitCT2/Ui36RmP0vJH2vJmbb4ihDbEDPyqlSrvSN9WPCfTuvIB+44bQboWsa1p6W7Q9PnD67QHY1tgBM4XC2NKxsT8q2w9C8SA6iL+yKCX475vxsBbo4BFSYWckaEj1avm3rACB4DzK2Eqq28fvIxaSEAWKbkpAUIqt/ejb/2qTnopNcTpJuHk1oNm2vjR4hTOLH1VcuL93eyZdmRUzyweZaWRKW2/7WYDgChDZUf/EsbfwyJ+vcp6OtpkjENzwAvHoRudwgkonHKvhGNLkSDJr+LzRigV5PcnZ0E8hH1ZkU=ToUYClb1lHMTi2pLbvXkLeAYF6D3Y5rbM5lEZoe6yE5OKCdOPqEstGQcWQTKeBsIzly4cUEPPuuBihERryt6AfzuINwRoNOAyBXLVE35uPU/XgNsVeAG2Uo1bCdklyreCvgwO//+lZAZuXJIz6KrD5humjAdX1PxWhP9RgM0v7nuyV+T5zskOEM48c6LwIGGALkK3RjPahxeEe35LwnxqRz50R/8e3EnPk9G1VO9CefKrhnMvWtbyzpKCVcl7kyP3NjhjnF0auQJMpqyL7hFhLSXEOSsKsvFjFZd4X0N54kBYnkce02pAjMCR8HMQ8wCkZ8NNIZp48lDLO+8g3R3k6OFR/DRlTI30aUG2U6nmWOtFxoT1L7RQp104G/r+mBAMPR4/J8ZBfYJF41X8ICCeDWB8cCZLVKnVkotEHmQBzKmzvGCxuu/92udPf6MvUImj7TzwF5EHBV45DFAzKtrF/rlSTCNHkq+A4HSOq/MifPDMSPaJUhUHm9I7LhSxMxPGDevK3k0A6zebDvvEKWkMiwlJKeEgOepm7rgZvFt/Nx58GGualEO6m3q/fxk8gKJmx7QbAXGTdbEQ0qydEPXSlRISbCyffsES7hVVMKkUWHgnXKaKIqaLvCeQG4qisO0w01TzM9sToVLIqDrATavp9LMwiE=m8TQ+isK+IBnWhvZU6yTJaPh+IWrZjOw1lzO9XBK8g4buAyMzq0bQQ+2x9zBIXhV2jvB9BpZe3tnkYx0Xz0hbH9QuFoHBvAtYFXfoHn5PpAzZrfGDovRYHI9gJJpMfUf6zROHHfOwsPgyXrHM8fksVS0Hj/w2KLuX3HZgH9FtI/cXMFvIFfu7CPYiQRD7/36SPMEt+IbuNcgS/NUWsE7YHA96LyMj4SpJrYnv7qoYdFopjf1Mk/8SawpnZ87FIcZA2zZLlIFkEJ1SSSAgvo5KgEPpNanQiLuFiy39dRE1M1kxEZfky5fn1XCHYSHMrHe+d3YXwwky89sbl4f/vkwONOXTCOeK1X+y5NogaYKLZXG0/zQpGph1JJRGlavTX7jS4XDyJ/looDmPDD1cTyhIY4g6K4tXW31VCFQ9dLhCghsOK02yLRZOqMFjIGalZ9nRDc0qLued8xnVux/6bG843e02wKLG8dieqFu4Zyhi9qG6CKcLcmScw6cyiVVPn6+KLETgWrC67p9Wh4g9xZIgidrIzDjgqSJPidEBZeIW8jvS7csek/tt9WwE7E+aYLePxBmvAY1K6hn47dHfPTfBkiZexkGVsD4xap+wQBZJg4NEp6V4x+JSnS0rhir1npKgNIbTgZV4tzQw3pc0Pu8BSsKRjk+HzCbxMoIDNMBHD/AXAc96BVIH6lu67un6uwZJl6y6wHD2BHO3jFcK8asOV3zSk3HmOptPK+2xb5IYf9FLeLWppTjYGIpP5ioqxHCRhTHj3oR+87jYUnavABNhZxTF3hgXVoNvTofPZzKF746A88ky9XXwKgPcO7BEDsxtlikaPhS+gX8yb+w8P/NrSCm1wCx1wP3VmLhNTzni+ypDYhodtsT7dPenZk0IW1eNPr/tYeBefwIM6KGObSrTL4RSs0yqMo2w8tJb3HrpS4mBJaSfi8iSiRQuyy8eNJmO9vGMIjk2qyGYdK4PZwxhvHgviJ6nIszPODyuWOrQlD9UxC8jNSPZsM6BCBrlnZw4/inJ2xUIIfo8fqjBfqgRpZ0UveIR6/86fnXPUI96FVUCWF8YudtsFGovKGktksBCrg4bR3xVRxSw+TXGvxFGHpqk+tH+vIZpDRwp1PJ/APvlqUIVh5jmto+cRDeXT3JWzLVPwGIC2fgADqJBFSTqFAVFUXkCNzDj7EukbFyY454+osQvnGx5LtFFFQVq9EGXNtX3q47qmvqSF5qQwXmKkWOq7H14gdNExqlR3NDhqUIGj/cR2R6pDPk6Lr2nrgEpu8N/2WYIHgCE3kJbKQMRUyigEyJojSKriNNNA29fNzSK35aOFG2R0=ubugJ7944qLRa+GvRfWGQ2GE96BoAkcdLapEVBuxl9841BuXEVDCe81EVaP5XTFroYjXddhUZMDdSdYz/ILHROrpGxqGcFRy3GV/KkWXjKj8FC0gqWn1NKF1MSmomcIRFSvlvZy2RBD3ZP1lCpVsXejSne9jC9UcuxExDWvM9E+jxaFgpZ9or5E1dTY/HQE5E4sXqNVI9gjuWbMGU/IZ+3zo3UkRmrGsMMgtX0gNw824XBDBAj8CT7bkX2neh2XFwBRWza3pLLt4WWMxE/J922bv3X3UaQVI228ppfUD7nkZ6k6miuBun4Kw1nUcKl6iMQff8ilvksd3IlVfvu/l1ToT3HHw8LLBuYv/yrI9J1EiCcZ4LA7AEvCJd3VmRMd44uqP75uzJqBhXyNTndup/pmpn/iJT4qUhNZklebUXoT1X/Xhs0+DtaeCTPkplvutwjXO2/okHsGhUz9BHaB4fMHFhxvY5iJ258mdW3q9A5YzLagl2PwVfILHxTtrhW2N22OEonGdNUI5H2Z9Kd6HSjs6kfH7IbF3Uhb/d/nNUe5trSgjMOcxWpGScQEdZ+TutnN3oDQhUz15GAEHocjVh6pPUIjiPmKXmgNfbQqvaHjlM4q/PNqWEb3l24BLAN1sAJGf2zGINAiPxAQi6pphBot+itXLFg2Xz0FBteSFXTMSa5+peNNzNibV01tBfgpVNqORuPdwnQ97ZReD+g3jPA46j7Gog9f5KlOPFwFGB8blCysXYHj0nWhZ5bG7xGAG8jhJrrJ5t66jtNyVJwo6/CvNJpFiA4SV1vKFRMoJ0ZnKTHLyTVvoSTf/jNzwCatGubFHemk9SiycrG0ZmF2NuN7A2YThWOGNtCz4ubTi5vClrolA6lw/upWFrJR4gIIO20lEvy4goDpzeLiSKgsK2NNBZn3m/mFWVr55hcWa+nWTCV1pI2wR8RcyvN8i0oJyg66g4rPhaFpSoCSiLb5KvShdZKsvTg7ITi1MYSK4hk4Jk1skk7+K/I2jnfWx7XCtSVYQ2MgKNWP7ChWx32GT+q81zn0pJUKvML1eDICUhRI/QncmXGuMFUxsgShGIg4XgMCS3BOIIfAIC7uUwN5NKjZP+VPS39+wKlz7RTHK8I10GFNUzNcwzgwtuDxqQCeektuYN7cs2fWeqQhbr2ZqIiTyNV1yHilzsKgkdnlLQvVMGcRDPRblICerqCOiQry3ZHi2yOY2N7iBOuFTsoqeIXfTW1B5DCBFJXEE/ngdBnDw79YwUWCjRlb0+alI1AsCgtXUJI+OukP6x+q329+N8v5Xa15gJXHDJow9uZfea7hHjk/g=    566.06
diff --git a/zxcvbn.c b/zxcvbn.c
index ebe9e31..95aa88f 100644
--- a/zxcvbn.c
+++ b/zxcvbn.c
@@ -52,6 +52,11 @@
 /* Minimum number of characters in a incrementing/decrementing sequence match */
 #define MIN_SEQUENCE_LEN 3
 
+/* Maximum number of characters to perform full entropy calculation */
+#ifndef ZXCVBN_DETAIL_LEN
+#define ZXCVBN_DETAIL_LEN 100
+#endif
+
 /* Year range for data matching */
 #define MIN_YEAR 1901
 #define MAX_YEAR 2050
@@ -1574,15 +1579,20 @@ double ZxcvbnMatch(const char *Pwd, const char *UserDict[], ZxcMatch_t **Info)
     ZxcMatch_t *Zp;
     Node_t *Np;
     double e;
-    int Len = strlen(Pwd);
+    int FullLen = strlen(Pwd);
+    int Len = FullLen;
     const uint8_t *Passwd = (const uint8_t *)Pwd;
     uint8_t *RevPwd;
     /* Create the paths */
-    Node_t *Nodes = MallocFn(Node_t, Len+1);
-    memset(Nodes, 0, (Len+1) * sizeof *Nodes);
+    Node_t *Nodes = MallocFn(Node_t, Len+2);
+    memset(Nodes, 0, (Len+2) * sizeof *Nodes);
     i = Cardinality(Passwd, Len);
     e = log((double)i);
 
+    /* Limit length used to full entropy estimation to prevent excessive calculation time */
+    if (Len > ZXCVBN_DETAIL_LEN)
+        Len = ZXCVBN_DETAIL_LEN;
+
     /* Do matching for all parts of the password */
     for(i = 0; i < Len; ++i)
     {
@@ -1659,8 +1669,23 @@ double ZxcvbnMatch(const char *Pwd, const char *UserDict[], ZxcMatch_t **Info)
         }
     }
     FreeFn(RevPwd);
+    if (FullLen > Len)
+    {
+        /* Only the first MAX_DETAIL_LEN characters are used for full  entropy estimation, for */
+        /* very long passwords the remainding characters are treated as being a incrementing */
+        /* sequence. This will give a low (and safe) entropy value for them. */
+        Nodes[Len].Dist = DBL_MAX;
+        Zp = AllocMatch();
+        Zp->Type = LONG_PWD_MATCH;
+        Zp->Begin = Len;
+        /* Length is negative as only one extra node to represent many extra characters */
+        Zp->Length = Len - FullLen;
+        Zp->Entrpy = log(2 * (FullLen - Len));
+        AddResult(&(Nodes[i].Paths), Zp, FullLen - Len);
+        ++Len;
+    }
     /* End node has infinite distance/entropy, start node has 0 distance */
-    Nodes[i].Dist = DBL_MAX;
+    Nodes[Len].Dist = DBL_MAX;
     Nodes[0].Dist = 0.0;
 
     /* Reduce the paths using Dijkstra's algorithm */
@@ -1688,8 +1713,12 @@ double ZxcvbnMatch(const char *Pwd, const char *UserDict[], ZxcMatch_t **Info)
         /* update if the new distance is smaller. */
         for(Zp = Np->Paths; Zp; Zp = Zp->Next)
         {
-            Node_t *Ep = Np + Zp->Length;
+            Node_t *Ep;
             double d = e + Zp->MltEnpy;
+            if (Zp->Length >= 0)
+                Ep = Np + Zp->Length;
+            else
+                Ep = Np + 1;
             if (!Ep->Visit &&  (d < Ep->Dist))
             {
                 /* Update as lower dist, also remember the 'from' node */
@@ -1697,9 +1726,6 @@ double ZxcvbnMatch(const char *Pwd, const char *UserDict[], ZxcMatch_t **Info)
                 Ep->From = Zp;
             }
         }
-        /* If we got to the end node stop early */
-        /*if (Nodes[Len].Dist < DBL_MAX/2.0) */
-          /*  break; */
     }
     /* Make e hold entropy result and adjust to log base 2 */
     e = Nodes[Len].Dist / log(2.0);
@@ -1724,6 +1750,8 @@ double ZxcvbnMatch(const char *Pwd, const char *UserDict[], ZxcMatch_t **Info)
                     /* Adjust the entropy to log to base 2 */
                     Xp->Entrpy /= log(2.0);
                     Xp->MltEnpy /= log(2.0);
+                    if (Xp->Length < 0)
+                        Xp->Length = -Xp->Length;
 
                     /* Put previous part at head of info list */
                     Xp->Next = *Info;
diff --git a/zxcvbn.h b/zxcvbn.h
index 9500c7a..10272e7 100644
--- a/zxcvbn.h
+++ b/zxcvbn.h
@@ -62,6 +62,7 @@ typedef enum
     SPATIAL_MATCH,      /* 8 */
     DATE_MATCH,         /* 9 */
     YEAR_MATCH,         /* 10 */
+    LONG_PWD_MATCH,     /* 11 */
     MULTIPLE_MATCH = 32 /* Added to above to indicate matching part has been repeated */
 } ZxcTypeMatch_t;