Fix security vulnerbilities.

Fix possible length extension attack, predicable generators, timing attacks on hash comparision and improved formatting.
2025-04-26 13:50:11 +00:00 · 2019-10-10 15:21:41 -08:00 · 2019-10-10 15:21:41 -08:00 · 811cdcdfcb
commit 811cdcdfcb
parent 50fa119f79
8 changed files with 455 additions and 332 deletions
--- a/mod/lostpass.php
+++ b/mod/lostpass.php
@ -1,4 +1,5 @@
 <?php
+
 /**
 * @file mod/lostpass.php
 */
@ -27,7 +28,7 @@ function lostpass_post(App $a)
 		$a->internalRedirect();
 	}

-	$pwdreset_token = Strings::getRandomName(12) . mt_rand(1000, 9999);
+	$pwdreset_token = Strings::getRandomName(12) . random_int(1000, 9999);

 	$fields = [
 		'pwdreset' => $pwdreset_token,