RiotGames / key-conjurer

Temporary Credential Service
https://technology.riotgames.com/news/key-conjurer-our-policy-least-privilege
Apache License 2.0

Parsing Bounds Issue for Onelogin MFA Devices #40

Closed riot-jetaylor closed 1 year ago

riot-jetaylor commented 4 years ago

When looking for a Duo device from the Onelogin flow, the device signatures are parsed into an array which is not checked for bounds before further use.

    device := &onelogin.Device{}
    for i, aDevice := range stateTokenResponse.Devices {
        if aDevice.DeviceType == "Duo Duo Security" {
            device = &stateTokenResponse.Devices[i]
        }
    }
    // If no Duo device matched, device still points at the empty struct,
    // so SignatureRequest is "" and Split returns a one-element slice.
    signatures := strings.Split(device.SignatureRequest, ":")
    txSignature := signatures[0]
    appSignature := signatures[1] // panics with index out of range when there are fewer than two parts

path: api/authenticators/onelogin_duo/authenticator.go lines: 103-111
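A hardened version of that parsing step, as an added example rather than the project's own code: it returns errors instead of indexing into a possibly short slice. Device is a stand-in for onelogin.Device with only the fields needed here, and the signature request is assumed to be two colon-separated parts (tx and app), as in Duo's Web SDK.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Device is a stand-in for onelogin.Device (assumption, not the project's type).
type Device struct {
	DeviceType       string
	SignatureRequest string
}

var (
	ErrNoDuoDevice         = errors.New("no Duo device in state token response")
	ErrBadSignatureRequest = errors.New("malformed Duo signature request")
)

// findDuoDevice returns the first Duo device, or an error instead of the
// zero-value Device the issue's loop falls through to. (The issue's loop keeps
// the last match; first-match is a deliberate simplification here.)
func findDuoDevice(devices []Device) (Device, error) {
	for _, d := range devices {
		if d.DeviceType == "Duo Duo Security" {
			return d, nil
		}
	}
	return Device{}, ErrNoDuoDevice
}

// splitSignatureRequest splits "tx:app" and rejects anything that does not
// yield two non-empty parts, so callers never index past the end of a slice.
func splitSignatureRequest(sig string) (tx, app string, err error) {
	tx, app, ok := strings.Cut(sig, ":")
	if !ok || tx == "" || app == "" {
		return "", "", ErrBadSignatureRequest
	}
	return tx, app, nil
}

// duoSignatures is the bounds-checked replacement for the snippet in the issue.
func duoSignatures(devices []Device) (tx, app string, err error) {
	d, err := findDuoDevice(devices)
	if err != nil {
		return "", "", err
	}
	return splitSignatureRequest(d.SignatureRequest)
}

func main() {
	// Constructed sample: one non-Duo device, then a Duo device with a well-formed request.
	devs := []Device{{DeviceType: "OneLogin Protect"}, {DeviceType: "Duo Duo Security", SignatureRequest: "TX|abc:APP|def"}}
	tx, app, err := duoSignatures(devs)
	fmt.Println(tx, app, err)
	_, _, err = duoSignatures(nil)
	fmt.Println(err)
}
```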