Skip to content

Enforce existing username length limit #1995

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Jan 13, 2021
Merged

Enforce existing username length limit #1995

merged 6 commits into from
Jan 13, 2021

Conversation

patrikjuvonen
Copy link
Contributor

@patrikjuvonen patrikjuvonen commented Jan 10, 2021
edited
Loading

At the moment our database code already limits usernames to 64 characters long, but is not enforced elsewhere in the code, causing potential buffer overflows when handling usernames. To fix this let's limit the usernames to max length.

Note that whether the limit should be changed is out-of-scope for this PR. This PR only wants to get rid of potential issues caused by overlong usernames.

Should be backwards compatible as far as I can see.

@patrikjuvonen
Enforce max username length limit
1f8d437 
Database code already limits usernames to 64 characters. See the
CAccountManager::load function for more info about db upgrade.
@patrikjuvonen
Remove unused SString
75f16f9
@patrikjuvonen patrikjuvonen added the enhancement New feature or request label Jan 10, 2021
@patrikjuvonen patrikjuvonen added this to the 1.6 milestone Jan 10, 2021
@patrikjuvonen patrikjuvonen requested a review from botder January 10, 2021 14:26
botder
botder requested changes Jan 10, 2021
View reviewed changes
@patrikjuvonen

This comment has been minimized.

Sign in to view
@patrikjuvonen patrikjuvonen requested a review from botder January 10, 2021 19:43
botder
botder requested changes Jan 10, 2021
View reviewed changes
@patrikjuvonen

This comment has been minimized.

Sign in to view
@patrikjuvonen patrikjuvonen requested a review from botder January 10, 2021 22:08
@patrikjuvonen patrikjuvonen merged commit ce63ba6 into multitheftauto:master Jan 13, 2021
@patrikjuvonen patrikjuvonen deleted the feature/limit-username-length branch January 13, 2021 20:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Pirulax Pirulax Pirulax left review comments

@botder botder botder approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
1.5.9
Development

Successfully merging this pull request may close these issues.
3 participants
@patrikjuvonen @Pirulax @botder