aboutsummaryrefslogtreecommitdiff
path: root/contrib/libfido2/tools/pin.c
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/libfido2/tools/pin.c')
-rw-r--r--contrib/libfido2/tools/pin.c26
1 files changed, 21 insertions, 5 deletions
diff --git a/contrib/libfido2/tools/pin.c b/contrib/libfido2/tools/pin.c
index f342347d1ff5..8b2697ed8e1e 100644
--- a/contrib/libfido2/tools/pin.c
+++ b/contrib/libfido2/tools/pin.c
@@ -2,6 +2,7 @@
* Copyright (c) 2018 Yubico AB. All rights reserved.
* Use of this source code is governed by a BSD-style
* license that can be found in the LICENSE file.
+ * SPDX-License-Identifier: BSD-2-Clause
*/
#include <fido.h>
@@ -21,8 +22,8 @@ pin_set(char *path)
{
fido_dev_t *dev = NULL;
char prompt[1024];
- char pin1[1024];
- char pin2[1024];
+ char pin1[128];
+ char pin2[128];
int r;
int status = 1;
@@ -55,6 +56,11 @@ pin_set(char *path)
goto out;
}
+ if (strlen(pin1) < 4 || strlen(pin1) > 63) {
+ fprintf(stderr, "invalid PIN length\n");
+ goto out;
+ }
+
if ((r = fido_dev_set_pin(dev, pin1, NULL)) != FIDO_OK) {
warnx("fido_dev_set_pin: %s", fido_strerr(r));
goto out;
@@ -76,9 +82,9 @@ pin_change(char *path)
{
fido_dev_t *dev = NULL;
char prompt[1024];
- char pin0[1024];
- char pin1[1024];
- char pin2[1024];
+ char pin0[128];
+ char pin1[128];
+ char pin2[128];
int r;
int status = 1;
@@ -98,6 +104,11 @@ pin_change(char *path)
goto out;
}
+ if (strlen(pin0) < 4 || strlen(pin0) > 63) {
+ warnx("invalid PIN length");
+ goto out;
+ }
+
r = snprintf(prompt, sizeof(prompt), "Enter new PIN for %s: ", path);
if (r < 0 || (size_t)r >= sizeof(prompt)) {
warnx("snprintf");
@@ -125,6 +136,11 @@ pin_change(char *path)
goto out;
}
+ if (strlen(pin1) < 4 || strlen(pin1) > 63) {
+ fprintf(stderr, "invalid PIN length\n");
+ goto out;
+ }
+
if ((r = fido_dev_set_pin(dev, pin1, pin0)) != FIDO_OK) {
warnx("fido_dev_set_pin: %s", fido_strerr(r));
goto out;
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 17:31:26 +0000