cryb.to/cryb-to
1
0
Fork 0
mirror of https://github.com/cryb-to/cryb-to.git synced 2024-05-21 08:50:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix a few key URI validation issues.

Browse source
This commit is contained in:
Dag-Erling Smørgrav 2018-04-26 03:09:51 +02:00
parent bd4b5c246e
commit 31f2831b67
1 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
lib/oath/cryb_oath_key_from_uri.c
View file

@ -127,10 +127,11 @@ oath_key_from_uri(oath_key *key, const char *uri)
if (key->digits != 0)
/* dupe */
goto invalid;
/* only 6 or 8 */
if (valuelen != 1 || (*value != '6' && *value != '8'))
n = strtoumax(value, &e, 10);
if (e == value || *e != '\0' ||
n < OATH_MIN_DIGITS || n > OATH_MAX_DIGITS)
goto invalid;
key->digits = *q - '0';
key->digits = n;
} else if (strcmp("counter", name) == 0) {
if (key->counter != UINT64_MAX)
/* dupe */
@ -158,7 +159,7 @@ oath_key_from_uri(oath_key *key, const char *uri)
} else if (strcmp("issuer", name) == 0) {
key->issuerlen = strlcpy(key->issuer, value,
sizeof key->issuer);
if (key->issuerlen > sizeof key->issuer)
if (key->issuerlen >= sizeof key->issuer)
goto invalid;
} else {
goto invalid;