Allow only ASCII characters in password

skycoin · Jan 24, 2020 · 1ee42c9 · 1ee42c9
1 parent f161dce
commit 1ee42c9
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/pkg/hypervisor/user.go b/pkg/hypervisor/user.go
@@ -30,6 +30,7 @@ var (
 	ErrSimplePassword = fmt.Errorf("password must have at least one upper, lower, digit and special character")
 	ErrUserExists     = fmt.Errorf("username already exists")
 	ErrNameNotAllowed = fmt.Errorf("name not allowed")
+	ErrNonASCII       = fmt.Errorf("non-ASCII character found")
 )
 
 // nolint: gochecknoinits
@@ -262,6 +263,10 @@ func checkPasswordStrength(password string) error {
 	seen := make([]bool, len(passwordClasses))
 
 	for _, r := range password {
+		if r < '!' || r > unicode.MaxASCII {
+			return ErrNonASCII
+		}
+
 		for i, class := range passwordClasses {
 			if unicode.IsOneOf(class, r) {
 				seen[i] = true

diff --git a/pkg/hypervisor/user_test.go b/pkg/hypervisor/user_test.go
@@ -19,6 +19,11 @@ func Test_checkPasswordFormat(t *testing.T) {
 			password: strings.Repeat("Aa1!", 4),
 			err:      nil,
 		},
+		{
+			name:     "Non ASCII",
+			password: strings.Repeat("Aå1!", 4),
+			err:      ErrNonASCII,
+		},
 		{
 			name:     "Too short",
 			password: "1",