toolz/goplt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(lint): fix all linting errors
Some checks failed
CI / Test (pull_request) Successful in 53s
Details
CI / Lint (pull_request) Failing after 26s
Details
CI / Build (pull_request) Successful in 39s
Details
CI / Format Check (pull_request) Failing after 2s
Details

Browse Source 
- Check BindEnv return values in config.go
- Add bounds checks for int->int32/uint32 conversions to prevent overflow
- Remove unused test helper functions
This commit is contained in:
0x1d
2025-11-07 09:34:22 +01:00
parent 131e44f3d4
commit e673fcae6f
7 changed files with 44 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
services/identity/internal/password/password.go
View File

@@ -7,6 +7,7 @@ import (
"encoding/base64"
"errors"
"fmt"
"math"
"strings"
"golang.org/x/crypto/argon2"
@@ -77,7 +78,11 @@ func Verify(password, hash string) (bool, error) {
}
// Compute hash with same parameters
actualHash := argon2.IDKey([]byte(password), salt, uint32(t), uint32(m), uint8(p), uint32(len(expectedHash)))
hashLen := len(expectedHash)
if hashLen < 0 || hashLen > math.MaxUint32 {
return false, fmt.Errorf("invalid hash length: %d", hashLen)
}
actualHash := argon2.IDKey([]byte(password), salt, uint32(t), uint32(m), uint8(p), uint32(hashLen))
// Constant-time comparison
if subtle.ConstantTimeCompare(expectedHash, actualHash) == 1 {