diff options
author | David Hénot <henot.david@gmail.com> | 2017-05-11 00:08:07 +0200 |
---|---|---|
committer | David Hénot <henot.david@gmail.com> | 2017-05-11 00:13:57 +0200 |
commit | bd4addab51dc36f23b83e4efe86c2dae74ed81ac (patch) | |
tree | 35cf603609d734c86c40350dc2df168af9690db1 | |
parent | e1eb658db2f04b9235a10d210a1ed551511bff78 (diff) | |
download | zxcvbn-c-bd4addab51dc36f23b83e4efe86c2dae74ed81ac.tar.gz |
Fix match for decrementing sequences
This was causing heap corruptions (write past array boundary) in
ZxcvbnMatch for passwords ending with 09 for example
-rw-r--r-- | zxcvbn.c | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -1491,8 +1491,9 @@ static void SequenceMatch(ZxcMatch_t **Result, const uint8_t *Passwd, int Start, { ++Len; ++Passwd; + break; } - else if ((Next > SetHigh) || (Next < SetLow) || (Passwd[1] != Next)) + if ((Next > SetHigh) || (Next < SetLow) || (Passwd[1] != Next)) break; ++Len; ++Passwd; |