fixed security vulnerability (complete password hash is printed)

This commit is contained in:
delvh 2020-03-29 10:28:05 +02:00
parent 8cdd12e6b8
commit c41089e005

View File

@ -54,8 +54,8 @@ public class LoginCredentials implements Serializable {
public String toString() {
try (Formatter form = new Formatter()) {
form.format("LoginCredentials[identifier=%s,passwordHash=", identifier);
for (byte element : passwordHash)
form.format("%02x", element);
for (int i = 0; i < 3; i++)
form.format("%02x", passwordHash[i]);
return form.format(",registration=%b]", registration).toString();
}
}