Check for leftover bytes after parsing authData

author: Matthew Miller <matthew@millerti.me> 2020-06-30 08:10:43 -0700
committer: Matthew Miller <matthew@millerti.me> 2020-06-30 08:10:43 -0700
commit: 23c3124dbc30ea26884a14ce849081f230269bc4 (patch)
tree: d24bdd96ddcb55135d3d17f5e268e25ab5693ef5 /packages/server/src/helpers/parseAuthenticatorData.ts
parent: b3664f1e7a47cc4180c2ff2664092f9a2bc23d15 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/packages/server/src/helpers/parseAuthenticatorData.ts b/packages/server/src/helpers/parseAuthenticatorData.ts
index 991f1df..964d274 100644
--- a/packages/server/src/helpers/parseAuthenticatorData.ts
+++ b/packages/server/src/helpers/parseAuthenticatorData.ts
@@ -64,6 +64,10 @@ export default function parseAuthenticatorData(authData: Buffer): ParsedAuthenti
     intBuffer = intBuffer.slice(firstEncoded.byteLength);
   }
 
+  if (intBuffer.byteLength > 0) {
+    throw new Error('Leftover bytes detected while parsing authenticator data');
+  }
+
   return {
     rpIdHash,
     flagsBuf,
author	Matthew Miller <matthew@millerti.me>	2020-06-30 08:10:43 -0700
committer	Matthew Miller <matthew@millerti.me>	2020-06-30 08:10:43 -0700
commit	23c3124dbc30ea26884a14ce849081f230269bc4 (patch)
tree	d24bdd96ddcb55135d3d17f5e268e25ab5693ef5 /packages/server/src/helpers/parseAuthenticatorData.ts
parent	b3664f1e7a47cc4180c2ff2664092f9a2bc23d15 (diff)