Closed x43x61x69 closed 5 years ago
I noticed that here by wcslen(PasswordCopy) - 1, the last character of the password seems to be left out without converting to lowercase on Windows 10 and make it possible to bypass the blacklist:
wcslen(PasswordCopy) - 1
https://github.com/ryanries/PassFiltEx/blob/80734d829ff390f4c2cb1b5dbb405207a0d8d779/PassFiltEx.c#L501
I thought it should be ended with \0 so your code should be correct but with a quick console printing it seem to say otherwise.
\0
Could you confirm it's the case (and if there're other places that may have the same logical error)?
Fixed.
ryanries
commented
5 years ago
I noticed that here by
wcslen(PasswordCopy) - 1, the last character of the password seems to be left out without converting to lowercase on Windows 10 and make it possible to bypass the blacklist:https://github.com/ryanries/PassFiltEx/blob/80734d829ff390f4c2cb1b5dbb405207a0d8d779/PassFiltEx.c#L501
I thought it should be ended with
\0so your code should be correct but with a quick console printing it seem to say otherwise.Could you confirm it's the case (and if there're other places that may have the same logical error)?