wneessen/go-hibp
1
1
Fork 0
mirror of https://github.com/wneessen/go-hibp.git synced 2024-11-22 21:00:51 +01:00
Code Issues Projects Releases Packages Wiki Activity

Add sanity check for split strings in password handling

Browse source 
In order to avoid potential indexing issues in password handling, a conditional statement has been added. This ensures that there are two resultant parts after the string splitting operation; if the condition isn't met, the operation simply continues without processing further. This enhances code robustness and reliability.
This commit is contained in:
Winni Neessen 2024-03-14 22:14:48 +01:00
parent f89cc5f629
commit f387547749
Signed by: wneessen
GPG key ID: 5F3AF39B820C119D
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
password.go
View file

@ -205,6 +205,9 @@ func (p *PwnedPassAPI) ListHashesPrefix(pf string) ([]Match, *http.Response, err
so := bufio.NewScanner(hr.Body) so := bufio.NewScanner(hr.Body)
for so.Scan() { for so.Scan() {
hp := strings.SplitN(so.Text(), ":", 2) hp := strings.SplitN(so.Text(), ":", 2)
if len(hp) != 2 {
continue
}
fh := fmt.Sprintf("%s%s", strings.ToLower(pf), strings.ToLower(hp[0])) fh := fmt.Sprintf("%s%s", strings.ToLower(pf), strings.ToLower(hp[0]))
hc, err := strconv.ParseInt(hp[1], 10, 64) hc, err := strconv.ParseInt(hp[1], 10, 64)
if err != nil { if err != nil {