From 1a832c613d69d58fe0ee046976db60e1e5996fa6 Mon Sep 17 00:00:00 2001
From: Matthew Miller <matthew@millerti.me>
Date: Sun, 22 Aug 2021 14:06:33 -0700
Subject: Fix parsing extension data in auth data

---
 packages/server/src/helpers/parseAuthenticatorData.ts | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'packages/server/src/helpers/parseAuthenticatorData.ts')

diff --git a/packages/server/src/helpers/parseAuthenticatorData.ts b/packages/server/src/helpers/parseAuthenticatorData.ts
index 9b13195..911c9e0 100644
--- a/packages/server/src/helpers/parseAuthenticatorData.ts
+++ b/packages/server/src/helpers/parseAuthenticatorData.ts
@@ -45,17 +45,18 @@ export default function parseAuthenticatorData(authData: Buffer): ParsedAuthenti
     const firstDecoded = decodeCborFirst(authData.slice(pointer));
     const firstEncoded = Buffer.from(cbor.encode(firstDecoded) as ArrayBuffer);
     credentialPublicKey = firstEncoded;
-    authData = authData.slice((pointer += firstEncoded.byteLength));
+    pointer += firstEncoded.byteLength;
   }
 
   let extensionsDataBuffer: Buffer | undefined = undefined;
   if (flags.ed) {
-    const firstDecoded = decodeCborFirst(authData);
+    const firstDecoded = decodeCborFirst(authData.slice(pointer));
     const firstEncoded = Buffer.from(cbor.encode(firstDecoded) as ArrayBuffer);
     extensionsDataBuffer = firstEncoded;
-    authData = authData.slice((pointer += firstEncoded.byteLength));
+    pointer += firstEncoded.byteLength;
   }
 
+  // Pointer should be at the end of the authenticator data, otherwise too much data was sent
   if (authData.byteLength > pointer) {
     throw new Error('Leftover bytes detected while parsing authenticator data');
   }
-- 
cgit v1.2.3