summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorYorhel <git@yorhel.nl>2019-05-17 10:18:58 +0200
committerYorhel <git@yorhel.nl>2019-05-17 10:19:01 +0200
commitb22fd68d85ebe4cc18138b6b1a0811cf84a08a0b (patch)
treee0d3ba3a837c83c8c1ba23a6882ae592794f42ff /lib
parent28aee117368048cdf56879bf35243498abbe8b4f (diff)
Fix PWLookup.pm to reject null-bytes in the dictionary
Since the database format can't handle it.
Diffstat (limited to 'lib')
-rw-r--r--lib/PWLookup.pm2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/PWLookup.pm b/lib/PWLookup.pm
index bf4ea96b..6e2f03e4 100644
--- a/lib/PWLookup.pm
+++ b/lib/PWLookup.pm
@@ -87,7 +87,7 @@ sub encode {
while((my $p = <STDIN>)) {
chomp($p);
# No need to store passwords that are rejected by form validation
- if(!length($p) || length($p) > 500 || !eval { decode_utf8((local $_=$p), Encode::FB_CROAK); 1 }) {
+ if(!length($p) || length($p) > 500 || !eval { decode_utf8((local $_=$p), Encode::FB_CROAK); 1 } || $p =~ /\x00/) {
warn sprintf "Rejecting: %s\n", ($p =~ s/([^\x21-\x7e])/sprintf '%%%02x', ord $1/ger);
next;
}