fix: critical and high-severity security fixes
All checks were successful
Deploy to Production / Deploy to Server (push) Successful in 2m52s
All checks were successful
Deploy to Production / Deploy to Server (push) Successful in 2m52s
- CRITICAL: DNS rebinding SSRF - pin DNS resolution via request interception - CRITICAL: XSS in billing success - use data-attribute instead of JS string - HIGH: Webhook signature bypass - refuse unverified webhooks (500) - HIGH: Filename header injection - sanitize Content-Disposition filename - HIGH: Verification code timing attack - use crypto.timingSafeEqual() - HIGH: Remove duplicate unreachable 404 handler - HIGH: Add IPv6 unique local (fc00::/7) to SSRF private IP check - HIGH: Replace console.warn with structured logger
This commit is contained in:
OpenClaw
parent
a01fbb0357
commit
8a86e34f91
6 changed files with 62 additions and 39 deletions
|
|
@ -1,4 +1,4 @@
|
|||
import { randomBytes, randomInt } from "crypto";
|
||||
import { randomBytes, randomInt, timingSafeEqual } from "crypto";
|
||||
import logger from "./logger.js";
|
||||
import pool from "./db.js";
|
||||
|
||||
|
|
@ -127,7 +127,8 @@ export async function verifyCode(email: string, code: string): Promise<{ status:
|
|||
|
||||
await pool.query("UPDATE pending_verifications SET attempts = attempts + 1 WHERE email = $1", [cleanEmail]);
|
||||
|
||||
if (pending.code !== code) {
|
||||
const a = Buffer.from(pending.code, "utf8"); const b = Buffer.from(code, "utf8"); const codeMatch = a.length === b.length && timingSafeEqual(a, b);
|
||||
if (!codeMatch) {
|
||||
return { status: "invalid" };
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue