Fix cred 8000 entials filtering with no allowList #401

lunt7 · 2020-03-23T1 8000 8:39:03Z

getAssertionState.creds[ALLOW_LIST_MAX_SIZE] has space for
ALLOW_LIST_MAX_SIZE credentials but we are only filling it up to
ALLOW_LIST_MAX_SIZE - 1

conorpp · 2020-03-27T15:24:47Z

Since C arrays start at 0, I believe GA->creds[ALLOW_LIST_MAX_SIZE - 1]; is the last element?

jolo1581 · 2020-03-29T07:41:07Z

@conorpp you are right n-1 ist the last element of the array. But in this case this is an error exception if your counter is outside array size. So n-1 is valid and n not.

Also it is not a good style asking for equal. Better it would be:

if (count > ALLOW_LIST_MAX_SIZE-1)

or

if (count >= ALLOW_LIST_MAX_SIZE)

So If @lunt7 would correct this to one of the example above and it would be right.

Greetz Jan

count is an index into the creds array in getAssertionState, and it is checked against the array bounds before data are copied. The array contains space for ALLOW_LIST_MAX_SIZE entries but we are only filling it up to ALLOW_LIST_MAX_SIZE - 1 since the loop terminates early.

lunt7 · 2020-03-30T19:06:35Z

There is a similar condition checking in save_credential_list(), so I decided to go with the first one to be consistent.

lunt7 force-pushed the fix_filter_credentials branch from 8913f17 to 0955619 Compare March 30, 2020 18:51

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Fix cred 8000 entials filtering with no allowList #401

Fix credentials filtering with no allowList #401

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Fix cred 8000 entials filtering with no allowList #401

Are you sure you want to change the base?

Fix credentials filtering with no allowList #401

Uh oh!

Conversation

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!