Fix security vulnerbilities.

Fix possible length extension attack, predicable generators, timing attacks on hash comparision and improved formatting.
2019-10-10 15:21:41 -08:00
parent 50fa119f79
commit 811cdcdfcb
8 changed files with 455 additions and 332 deletions
--- a/mod/lostpass.php
+++ b/mod/lostpass.php
@@ -1,4 +1,5 @@
 <?php
+
 /**
 * @file mod/lostpass.php
 */
@@ -27,7 +28,7 @@ function lostpass_post(App $a)
 		$a->internalRedirect();
 	}

-	$pwdreset_token = Strings::getRandomName(12) . mt_rand(1000, 9999);
+	$pwdreset_token = Strings::getRandomName(12) . random_int(1000, 9999);

 	$fields = [
 		'pwdreset' => $pwdreset_token,