__builtin.Nettle.Hash.SCRAM: Fix security issue in server_3().

The password was not validated properly if the syntax was valid,
but not the nonce.

Fixes some of #10040.
parent 2fc47f0e
......@@ -1315,13 +1315,14 @@ class SCRAM
string(7bit) server_3(string(8bit) line,
string(8bit) salted_password) {
constant format = "c=biws,r=%s,p=%s";
string r, p;
string(8bit) r, p;
string(7bit) ret;
if (!catch([r, p] = array_sscanf(line, format))
&& r == nonce) {
first += sprintf("c=biws,r=%s", r);
p = p == clientproof(salted_password) && sprintf("v=%s", nonce);
ret = p == clientproof(salted_password) && sprintf("v=%s", nonce);
return [string(7bit)]p;
return ret;
//! Final client-side step in the SCRAM handshake. If we get this far, the
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment