Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

A "goto fail" style bug could allow for blankness but not truncatedness. Basic idea:

    if(!check_params()) {
        failed = true;
        goto fail;
    }
    if(some_other_check()) {
        failed = true;
        goto fail;
    }
    if(token_length == 0) {
        goto fail; // oops, forgot to set failed
    }
    ...check the token...
    fail:
    if(failed) {
        return auth_failure;
    }
I have no idea if this is anything like what actually happened, of course.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: