summaryrefslogtreecommitdiffhomepage
path: root/packages/server/src/helpers/parseAuthenticatorData.ts
diff options
context:
space:
mode:
Diffstat (limited to 'packages/server/src/helpers/parseAuthenticatorData.ts')
-rw-r--r--packages/server/src/helpers/parseAuthenticatorData.ts7
1 files changed, 4 insertions, 3 deletions
diff --git a/packages/server/src/helpers/parseAuthenticatorData.ts b/packages/server/src/helpers/parseAuthenticatorData.ts
index 9b13195..911c9e0 100644
--- a/packages/server/src/helpers/parseAuthenticatorData.ts
+++ b/packages/server/src/helpers/parseAuthenticatorData.ts
@@ -45,17 +45,18 @@ export default function parseAuthenticatorData(authData: Buffer): ParsedAuthenti
const firstDecoded = decodeCborFirst(authData.slice(pointer));
const firstEncoded = Buffer.from(cbor.encode(firstDecoded) as ArrayBuffer);
credentialPublicKey = firstEncoded;
- authData = authData.slice((pointer += firstEncoded.byteLength));
+ pointer += firstEncoded.byteLength;
}
let extensionsDataBuffer: Buffer | undefined = undefined;
if (flags.ed) {
- const firstDecoded = decodeCborFirst(authData);
+ const firstDecoded = decodeCborFirst(authData.slice(pointer));
const firstEncoded = Buffer.from(cbor.encode(firstDecoded) as ArrayBuffer);
extensionsDataBuffer = firstEncoded;
- authData = authData.slice((pointer += firstEncoded.byteLength));
+ pointer += firstEncoded.byteLength;
}
+ // Pointer should be at the end of the authenticator data, otherwise too much data was sent
if (authData.byteLength > pointer) {
throw new Error('Leftover bytes detected while parsing authenticator data');
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-21 22:11:44 +0000