From bd4addab51dc36f23b83e4efe86c2dae74ed81ac Mon Sep 17 00:00:00 2001
From: David Hénot
Date: Thu, 11 May 2017 00:08:07 +0200
Subject: Fix match for decrementing sequences

This was causing heap corruptions (write past array boundary) in ZxcvbnMatch for passwords ending with 09 for example
---
 zxcvbn.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/zxcvbn.c b/zxcvbn.c
index 7468586..6091d7c 100644
--- a/zxcvbn.c
+++ b/zxcvbn.c
@@ -1491,8 +1491,9 @@ static void SequenceMatch(ZxcMatch_t **Result, const uint8_t *Passwd, int Start,
 {
 ++Len;
 ++Passwd;
+ break;
 }
- else if ((Next > SetHigh) || (Next < SetLow) || (Passwd[1] != Next))
+ if ((Next > SetHigh) || (Next < SetLow) || (Passwd[1] != Next))
 break;
 ++Len;
 ++Passwd;
--
cgit v1.2.3
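Review bot: Nothing in the loop body shown here bounds `Len` by a caller-supplied length; after the added `break`, the only stop conditions are still content comparisons (`Passwd[1] != Next` and the range test against `SetLow`/`SetHigh`). On the old `else if` path the trailing `++Len; ++Passwd;` ran a second time after the special-case block, which appears to be the over-count behind the out-of-bounds write named in the commit message. An explicit clamp at the top of the loop, e.g. `if (Len >= MaxLen) break;` (assuming the parameter cut off after `int Start,` in the hunk header is the remaining-length limit), would keep a future miscount from becoming a heap write past the array. The diffstat touches only zxcvbn.c, so a regression case for a password ending in 09 is also worth adding. The loop and the code that consumes `Len` lie outside the hunk, so the clamp position should be checked against the full function.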