Diffstat (limited to 'contrib/libfido2/tools/pin.c')
-rw-r--r-- | contrib/libfido2/tools/pin.c | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/contrib/libfido2/tools/pin.c b/contrib/libfido2/tools/pin.c
index f342347d1ff5..8b2697ed8e1e 100644
--- a/contrib/libfido2/tools/pin.c
+++ b/contrib/libfido2/tools/pin.c
@@ -2,6 +2,7 @@
 * Copyright (c) 2018 Yubico AB. All rights reserved.
 * Use of this source code is governed by a BSD-style
 * license that can be found in the LICENSE file.
+ * SPDX-License-Identifier: BSD-2-Clause
 */
 #include <fido.h>
@@ -21,8 +22,8 @@ pin_set(char *path)
 {
 fido_dev_t *dev = NULL;
 char prompt[1024];
- char pin1[1024];
- char pin2[1024];
+ char pin1[128];
+ char pin2[128];
 int r;
 int status = 1;
@@ -55,6 +56,11 @@ pin_set(char *path)
 goto out;
 }
+ if (strlen(pin1) < 4 || strlen(pin1) > 63) {
+ fprintf(stderr, "invalid PIN length\n");
+ goto out;
+ }
+
 if ((r = fido_dev_set_pin(dev, pin1, NULL)) != FIDO_OK) {
 warnx("fido_dev_set_pin: %s", fido_strerr(r));
 goto out;
@@ -76,9 +82,9 @@ pin_change(char *path)
 {
 fido_dev_t *dev = NULL;
 char prompt[1024];
- char pin0[1024];
- char pin1[1024];
- char pin2[1024];
+ char pin0[128];
+ char pin1[128];
+ char pin2[128];
 int r;
 int status = 1;
@@ -98,6 +104,11 @@ pin_change(char *path)
 goto out;
 }
+ if (strlen(pin0) < 4 || strlen(pin0) > 63) {
+ warnx("invalid PIN length");
+ goto out;
+ }
+
 r = snprintf(prompt, sizeof(prompt), "Enter new PIN for %s: ", path);
 if (r < 0 || (size_t)r >= sizeof(prompt)) {
 warnx("snprintf");
@@ -125,6 +136,11 @@ pin_change(char *path)
 goto out;
 }
+ if (strlen(pin1) < 4 || strlen(pin1) > 63) {
+ fprintf(stderr, "invalid PIN length\n");
+ goto out;
+ }
+
 if ((r = fido_dev_set_pin(dev, pin1, pin0)) != FIDO_OK) {
 warnx("fido_dev_set_pin: %s", fido_strerr(r));
 goto out; |
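Review bot: Shrinking `pin1` and `pin2` from 1024 to 128 bytes in `pin_set` is safe only if every call that fills or wipes them is sized with `sizeof(pin1)` / `sizeof(pin2)`; those calls lie outside this hunk, so it is worth confirming that no literal 1024 survives in the function body. The same check applies to `pin0`, `pin1` and `pin2` in the `pin_change` hunk at -76,9. The new size is also unexplained next to the 63-byte bound introduced further down; if the intent is that overlong input stays detectable instead of being truncated into the valid range, a comment such as `/* larger than the 63-byte PIN limit plus NUL, so overlong input is rejected, not truncated */` above the declarations would record it.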
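Review bot: `strlen()` counts bytes, so the lower bound in `strlen(pin1) < 4` is a byte count. If the intended minimum is four characters (CTAP2 states the minimum in Unicode code points and the 63 maximum in bytes), a PIN made of multi-byte UTF-8 characters passes this check with fewer than four characters and is left for the authenticator to reject. The check also reports through `fprintf(stderr, "invalid PIN length\n");` while the neighbouring code and the `pin0` check at -98,6 use `warnx`; `warnx("invalid PIN length");` would keep the output consistent, and the same applies to the `pin1` check in `pin_change` at -125,6. The bounds 4 and 63 are repeated in all three checks and `strlen()` is called twice in each, so named constants or one small `static` helper would remove the duplication.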
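Review bot: In `pin_change` the current PIN and the new PIN are now rejected with the same text, so the user cannot tell which of the entries was out of range. Changing this check to `warnx("invalid current PIN length");` would distinguish it from the new-PIN check later in the function. A short comment above the `if` saying that `pin0` is validated before the new PIN is prompted for would also make the ordering deliberate; the function body starts and ends outside this hunk.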