Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Check for invalid input in encrypted buffers
The ECB Blowfish decryption function assumed that encrypted input would always come in blocks of 12 characters, as specified. However, buggy clients or annoying people may not adhere to that assumption, causing the core to crash while trying to process the invalid base64 input. With this commit we make sure that we're not overstepping the bounds of the input string while decoding it; instead we bail out early and display the original input. Fixes #1314. Thanks to Tucos for finding that one!
- Loading branch information