Merge pull request #32 from wneessen/fix_possible_out-of-index_access

Fix possible out of index access
This commit is contained in:
Winni Neessen 2024-03-14 23:10:32 +01:00 committed by GitHub
commit 758c046b43
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
12 changed files with 14 additions and 53 deletions

View file

@ -24,7 +24,7 @@ jobs:
strategy: strategy:
matrix: matrix:
os: [ubuntu-latest] os: [ubuntu-latest]
go: [1.18] go: ['1.22']
steps: steps:
- name: Checkout Code - name: Checkout Code
uses: actions/checkout@master uses: actions/checkout@master
@ -34,7 +34,7 @@ jobs:
go test -v -race --coverprofile=coverage.coverprofile --covermode=atomic . go test -v -race --coverprofile=coverage.coverprofile --covermode=atomic .
- name: Upload coverage to Codecov - name: Upload coverage to Codecov
if: success() && matrix.go == 1.18 && matrix.os == 'ubuntu-latest' if: success() && matrix.go == '1.22' && matrix.os == 'ubuntu-latest'
uses: codecov/codecov-action@v2 uses: codecov/codecov-action@v2
with: with:
token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos

View file

@ -22,7 +22,7 @@ jobs:
strategy: strategy:
matrix: matrix:
os: [ubuntu-latest, macos-latest, windows-latest] os: [ubuntu-latest, macos-latest, windows-latest]
go: [1.15, 1.16, 1.17, 1.18] go: ['1.19', '1.20', '1.21', '1.22']
steps: steps:
- name: Checkout Code - name: Checkout Code
uses: actions/checkout@master uses: actions/checkout@master

View file

@ -21,7 +21,7 @@ jobs:
steps: steps:
- uses: actions/setup-go@v3 - uses: actions/setup-go@v3
with: with:
go-version: 1.19 go-version: '1.22'
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- name: golangci-lint - name: golangci-lint
uses: golangci/golangci-lint-action@v3 uses: golangci/golangci-lint-action@v3

View file

@ -17,7 +17,7 @@ jobs:
- name: Setup Go - name: Setup Go
uses: actions/setup-go@v2.1.3 uses: actions/setup-go@v2.1.3
with: with:
go-version: 1.18.x go-version: 1.22.x
- name: Run unit Tests - name: Run unit Tests
run: | run: |

1
.gitignore vendored
View file

@ -15,3 +15,4 @@
# vendor/ # vendor/
examples/ examples/
.idea/

8
.idea/.gitignore vendored
View file

@ -1,8 +0,0 @@
# Default ignored files
/shelf/
/workspace.xml
# Datasource local storage ignored files
/dataSources/
/dataSources.local.xml
# Editor-based HTTP Client requests
/httpRequests/

View file

@ -1,9 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<module type="WEB_MODULE" version="4">
<component name="Go" enabled="true" />
<component name="NewModuleRootManager">
<content url="file://$MODULE_DIR$" />
<orderEntry type="inheritedJdk" />
<orderEntry type="sourceFolder" forTests="false" />
</component>
</module>

View file

@ -1,12 +0,0 @@
<component name="InspectionProjectProfileManager">
<profile version="1.0">
<option name="myName" value="Project Default" />
<inspection_tool class="GrazieInspection" enabled="false" level="TYPO" enabled_by_default="false" />
<inspection_tool class="LanguageDetectionInspection" enabled="false" level="WARNING" enabled_by_default="false" />
<inspection_tool class="SpellCheckingInspection" enabled="false" level="TYPO" enabled_by_default="false">
<option name="processCode" value="true" />
<option name="processLiterals" value="true" />
<option name="processComments" value="true" />
</inspection_tool>
</profile>
</component>

View file

@ -1,8 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="ProjectModuleManager">
<modules>
<module fileurl="file://$PROJECT_DIR$/.idea/go-hibp.iml" filepath="$PROJECT_DIR$/.idea/go-hibp.iml" />
</modules>
</component>
</project>

View file

@ -1,6 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="VcsDirectoryMappings">
<mapping directory="$PROJECT_DIR$" vcs="Git" />
</component>
</project>

View file

@ -205,6 +205,9 @@ func (p *PwnedPassAPI) ListHashesPrefix(pf string) ([]Match, *http.Response, err
so := bufio.NewScanner(hr.Body) so := bufio.NewScanner(hr.Body)
for so.Scan() { for so.Scan() {
hp := strings.SplitN(so.Text(), ":", 2) hp := strings.SplitN(so.Text(), ":", 2)
if len(hp) != 2 {
continue
}
fh := fmt.Sprintf("%s%s", strings.ToLower(pf), strings.ToLower(hp[0])) fh := fmt.Sprintf("%s%s", strings.ToLower(pf), strings.ToLower(hp[0]))
hc, err := strconv.ParseInt(hp[1], 10, 64) hc, err := strconv.ParseInt(hp[1], 10, 64)
if err != nil { if err != nil {

View file

@ -431,7 +431,7 @@ func ExamplePwnedPassAPI_CheckPassword() {
if m != nil && m.Count != 0 { if m != nil && m.Count != 0 {
fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n", fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n",
m.Hash, m.Count) m.Hash, m.Count)
// Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 86495 times in the pwned passwords DB // Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 142835 times in the pwned passwords DB
} }
} }
@ -446,7 +446,7 @@ func ExamplePwnedPassAPI_CheckPassword_withPadding() {
if m != nil && m.Count != 0 { if m != nil && m.Count != 0 {
fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n", fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n",
m.Hash, m.Count) m.Hash, m.Count)
// Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 86495 times in the pwned passwords DB // Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 142835 times in the pwned passwords DB
} }
} }
@ -462,7 +462,7 @@ func ExamplePwnedPassAPI_checkSHA1() {
if m != nil && m.Count != 0 { if m != nil && m.Count != 0 {
fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n", fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n",
m.Hash, m.Count) m.Hash, m.Count)
// Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 86495 times in the pwned passwords DB // Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 142835 times in the pwned passwords DB
} }
} }
@ -478,6 +478,6 @@ func ExamplePwnedPassAPI_checkNTLM() {
if m != nil && m.Count != 0 { if m != nil && m.Count != 0 {
fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n", fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n",
m.Hash, m.Count) m.Hash, m.Count)
// Output: Your password with the hash "0cb6948805f797bf2a82807973b89537" was found 86495 times in the pwned passwords DB // Output: Your password with the hash "0cb6948805f797bf2a82807973b89537" was found 142835 times in the pwned passwords DB
} }
} }