Diffstat (limited to 'contrib/libfido2/tools/cred_make.c')
-rw-r--r--contrib/libfido2/tools/cred_make.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/contrib/libfido2/tools/cred_make.c b/contrib/libfido2/tools/cred_make.c
index 7955fa2b7f9f..a6239ec27aec 100644
--- a/contrib/libfido2/tools/cred_make.c
+++ b/contrib/libfido2/tools/cred_make.c
@@ -2,6 +2,7 @@
* Copyright (c) 2018 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
+ * SPDX-License-Identifier: BSD-2-Clause
*/
#include <fido.h>
@@ -137,7 +138,7 @@ cred_make(int argc, char **argv)
fido_dev_t *dev = NULL;
fido_cred_t *cred = NULL;
char prompt[1024];
- char pin[1024];
+ char pin[128];
char *in_path = NULL;
char *out_path = NULL;
FILE *in_f = NULL;
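Review bot: The new size in `char pin[128];` is a bare number whose correctness depends on the 63-byte limit checked further down in cred_make. The buffer has to stay larger than 64 bytes, because readpassphrase keeps at most `sizeof(pin) - 1` characters and a smaller buffer would let an overlong PIN be cut down to an acceptable length before the check sees it. A comment on the declaration would protect that against a later resize, for example `char pin[128]; /* must exceed the 63-byte PIN limit so overlong input is rejected, not truncated */`. The declaration block of cred_make starts and ends outside the hunk.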
@@ -221,6 +222,10 @@ cred_make(int argc, char **argv)
errx(1, "snprintf");
if (!readpassphrase(prompt, pin, sizeof(pin), RPP_ECHO_OFF))
errx(1, "readpassphrase");
+ if (strlen(pin) < 4 || strlen(pin) > 63) {
+ explicit_bzero(pin, sizeof(pin));
+ errx(1, "invalid PIN length");
+ }
r = fido_dev_make_cred(dev, cred, pin);
}
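Review bot: The lower bound in `strlen(pin) < 4` counts bytes, while the CTAP2 minimum PIN length is, as far as I recall the specification, four Unicode code points. A PIN of two multi-byte UTF-8 characters would therefore pass this check and be left for the authenticator to reject; the 63-byte upper bound does match the spec's byte limit. I would take the length once and say so in a comment, e.g. `size_t pin_len = strlen(pin); /* bytes: 63 is the CTAP2 maximum, 4 is only a sanity floor */` followed by `if (pin_len < 4 || pin_len > 63) {`. The `errx(1, "readpassphrase")` path just above exits without clearing `pin`, so an `explicit_bzero(pin, sizeof(pin));` there would match the handling added here, although whether the buffer can hold partial input at that point is not visible in this hunk. The rest of cred_make, including any clearing of `pin` after `fido_dev_make_cred`, lies outside the hunk.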