malczak / hashids

Hashids, ported for Swift (http://www.hashids.org)
MIT License
110 stars 35 forks source link

Fix Double -> Int overflow that can cause crash #23

Open gh123man opened 1 year ago

gh123man commented 1 year ago

Today this library is unsafe.

let hashOfMaxInt64 = "jvNx4BjM5KYjv" // untrusted input
let hashids = Hashids(salt: "this is my salt")
let values = hashids.decode64(hashOfMaxInt64) // 💥 Crash

A simple hash of Int64.max will crash when attempting to decode because the double overflows the integer during decoding. Personally, I think the Double -> Int constructor should return an optional since it can fail as this ends up being a foot-gun in an otherwise safe language.

Because of how hashids work, it is impossible to know ahead of time if a given input is safe without first trying to decode it. If you run this library on a web server on untrusted input, you are at risk of a crash and should patch immediately.

This PR fixes the issue and adds swift package support. Since it appears this repo is no longer accepting PRs, I will leave my fork up for others to use including this bug fix: https://github.com/gh123man/hashids