lockbox

password manager

commit f4d31da65eebbc191cda343d50a02abd6c0edced
parent 8f325a33327480535fe20215d2a278cce7fc8b18
Author: Sean Enck <sean@ttypty.com>
Date:   Sun, 18 Sep 2022 13:13:29 -0400

check padding before operating on it

Diffstat:
Minternal/encrypt/core.go | 7+++++--
1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/internal/encrypt/core.go b/internal/encrypt/core.go
@@ -161,6 +161,9 @@ func (l Lockbox) Decrypt() ([]byte, error) {
 return nil, errors.New("decrypt not ok")
 }
- padding := int(decrypted[0])
- return decrypted[1+padding:], nil
+ padding := 1 + int(decrypted[0])
+ if len(decrypted) < padding {
+ return nil, errors.New("invalid decrypted data, bad padding")
+ }
+ return decrypted[padding:], nil
 }
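Review bot: The new length check runs only after `decrypted[0]` has been read on the `padding := 1 + int(decrypted[0])` line, so a zero-length plaintext still panics with an index-out-of-range instead of returning the new "bad padding" error. Putting a guard ahead of that line, `if len(decrypted) == 0 { return nil, errors.New("invalid decrypted data, bad padding") }`, would close the gap. Whether the open call above can succeed with an empty result is not visible here, since Decrypt's body starts outside the hunk. The "decrypt not ok" branch suggests an authenticated open, in which case only input sealed with the right key reaches this point, but a truncated or legacy entry should fail with an error rather than crash the password manager. A short comment noting that the first byte holds the count of leading padding bytes would also make the `1 +` offset self-explanatory.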