mirror of
https://github.com/status-im/zxcvbn-go.git
synced 2025-01-09 19:15:52 +00:00
db0cf37600
The output of strings.ToLower can have less bytes than the input. There are valid utf8 strings which demonstrate this which could be entered as potential passwords which would cause an out of bounds slice access in the dictionary match code. Fixed issue in go 1.10 test code for adjcmatrix.go to make sure the tests passed cleanly.
13 lines
172 B
Go
13 lines
172 B
Go
package fuzz
|
|
|
|
import (
|
|
"github.com/nbutton23/zxcvbn-go"
|
|
)
|
|
|
|
func Fuzz(data []byte) int {
|
|
password := string(data)
|
|
|
|
_ = zxcvbn.PasswordStrength(password, nil)
|
|
return 1
|
|
}
|