You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Apr 6, 2021. It is now read-only.
Original issue 26 created by valient on 2011-01-18T08:24:54.000Z:
Noticed that DISALLOW_REUSE was not being correctly maintained. To more easily demonstrate the problem, I extracted invalidate_timebased_code into a separate test program and called it multiple times in a loop, here is the progression:
Comment #5 originally posted by markus@google.com on 2011-03-10T08:47:21.000Z:
This is now tested for in the unittest and fixed in the code. Thank you for the very detailed bug report and for even attaching a patch. I ended up fixing things a little differently, but the patch helped in explaining the bug.
Original issue 26 created by valient on 2011-01-18T08:24:54.000Z:
Noticed that DISALLOW_REUSE was not being correctly maintained. To more easily demonstrate the problem, I extracted invalidate_timebased_code into a separate test program and called it multiple times in a loop, here is the progression:
ABABABABABABABA
" DISALLOW_REUSE 43177960
" TOTP_AUTH
1234567
ABABABABABABABA
" DISALLOW_REUSE 43177960 43177961
" TOTP_AUTH
1234567
ABABABABABABABA
" DISALLOW_REUSE 43177960 43177961 43177962
" TOTP_AUTH
1234567
ABABABABABABABA
" DISALLOW_REUSE 43177960 43177961 43177962 43177963
" TOTP_AUTH
1234567
ABABABABABABABA
" DISALLOW_REUSE43177961 43177962 43177963 43177964
" TOTP_AUTH
1234567
ABABABABABABABA
" DISALLOW_REUSE43177961 43177962 43177963 43177964 43177965
" TOTP_AUTH
1234567
ABABABABABABABA
" DISALLOW_REUSE4317796143177963 43177964 43177965 43177966
" TOTP_AUTH
1234567
... It continues to get worse every 2 iterations.
My wrapper code used for testing:
int main(int argc, char **argv)
{
char *buf = strdup("ABABABABABABABA\n"
"" DISALLOW_REUSE\n"
"" TOTP_AUTH\n"
"1234567\n");
int tm = get_timestamp();
for(int i=0; i<10; ++i, ++tm) {
invalidate_timebased_code(tm, &buf);
}
return 0;
}
The text was updated successfully, but these errors were encountered: