Fix buffer overflow in password generator.
When the requested length is less than the number of characters in a rule, a buffer overflow occurs.
See #126.
dfish3r committed Jul 20, 2021
1 parent e15e869 commit d8a799c
Showing 2 changed files with 15 additions and 1 deletion.
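--- a/src/main/java/org/passay/PasswordGenerator.java
+++ b/src/main/java/org/passay/PasswordGenerator.java
@@ -74,7 +74,10 @@ public String generatePassword(final int length, final List<CharacterRule> rules
 final CharBuffer buffer = CharBuffer.allocate(length);
 if (rules != null) {
 for (CharacterRule rule : rules) {
-fillRandomCharacters(rule.getValidCharacters(), rule.getNumberOfCharacters(), buffer);
+fillRandomCharacters(
+rule.getValidCharacters(),
+length <= rule.getNumberOfCharacters() ? length : rule.getNumberOfCharacters(),
+buffer);
 allChars.append(rule.getValidCharacters());
 }
 }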
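Review bot: The clamp in the new `fillRandomCharacters(...)` call compares each rule's count with the total `length`, not with the space still free in `buffer`. Two or more rules whose counts add up to more than `length`, or any rule that follows one which already filled the buffer, can presumably still overrun `CharBuffer.allocate(length)`; `fillRandomCharacters` is not visible here, so this assumes it writes exactly the requested count. Bounding by the remaining capacity covers both cases: `Math.min(rule.getNumberOfCharacters(), buffer.remaining())`. Separately, truncation means the returned password can silently fail the very rules passed in, so callers enforcing a policy would be better served by an `IllegalArgumentException` when the rule counts exceed `length`, or at least by a Javadoc sentence saying rules are honoured only as far as `length` allows. The body of `generatePassword` starts and ends outside this hunk.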
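--- a/src/test/java/org/passay/PasswordGeneratorTest.java
+++ b/src/test/java/org/passay/PasswordGeneratorTest.java
@@ -89,4 +89,15 @@ public void testGenerator(final String pass)
 AssertJUnit.assertFalse(failCharRule.validate(new PasswordData(pass)).isValid());
 AssertJUnit.assertTrue(verifyCharRule.validate(new PasswordData(pass)).isValid());
 }
+
+
+/**
+*/
+@Test(groups = "passgentest")
+public void testBufferOverflow()
+{
+new PasswordGenerator().generatePassword(5, new CharacterRule(EnglishCharacterData.LowerCase, 10));
+new PasswordGenerator().generatePassword(10, new CharacterRule(EnglishCharacterData.LowerCase, 5));
+new PasswordGenerator().generatePassword(10, new CharacterRule(EnglishCharacterData.LowerCase, 10));
+}
 }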
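Review bot: `testBufferOverflow` passes a single rule in each of its three calls and asserts nothing, so it only shows that no exception is thrown for one rule. It would not catch an overflow caused by several rules whose counts together exceed the requested length. A call with more than one rule plus a check on the result, for example `AssertJUnit.assertEquals(5, new PasswordGenerator().generatePassword(5, new CharacterRule(EnglishCharacterData.LowerCase, 10)).length());`, would pin the intended behaviour. The empty `/** */` block could carry a one-line description such as `/** Generating with a length shorter than a rule's character count must not overflow. */`.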
