fixed security vulnerability (complete password hash is printed)
This commit is contained in:
parent
a63df92f50
commit
4acc130af7
@ -54,8 +54,8 @@ public class LoginCredentials implements Serializable {
|
||||
public String toString() {
|
||||
try (Formatter form = new Formatter()) {
|
||||
form.format("LoginCredentials[identifier=%s,passwordHash=", identifier);
|
||||
for (byte element : passwordHash)
|
||||
form.format("%02x", element);
|
||||
for (int i = 0; i < 3; i++)
|
||||
form.format("%02x", passwordHash[i]);
|
||||
return form.format(",registration=%b]", registration).toString();
|
||||
}
|
||||
}
|
||||
|
Reference in New Issue
Block a user