summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/PWLookup.pm2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/PWLookup.pm b/lib/PWLookup.pm
index bf4ea96b..6e2f03e4 100644
--- a/lib/PWLookup.pm
+++ b/lib/PWLookup.pm
@@ -87,7 +87,7 @@ sub encode {
while((my $p = <STDIN>)) {
chomp($p);
# No need to store passwords that are rejected by form validation
- if(!length($p) || length($p) > 500 || !eval { decode_utf8((local $_=$p), Encode::FB_CROAK); 1 }) {
+ if(!length($p) || length($p) > 500 || !eval { decode_utf8((local $_=$p), Encode::FB_CROAK); 1 } || $p =~ /\x00/) {
warn sprintf "Rejecting: %s\n", ($p =~ s/([^\x21-\x7e])/sprintf '%%%02x', ord $1/ger);
next;
}