From 31af7049fc2b40892f4c4e222e78b52e363cdeae Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Fri, 3 Apr 2020 23:17:56 -0600
Subject: highlighter: insist on 256-bit keys, not 257-bit or 258-bit

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 WireGuard/WireGuard/UI/macOS/View/highlighter.c | 29 +++++++++++++++++++++----
 1 file changed, 25 insertions(+), 4 deletions(-)

diff --git a/WireGuard/WireGuard/UI/macOS/View/highlighter.c b/WireGuard/WireGuard/UI/macOS/View/highlighter.c
index 171a84c..e0d4e04 100644
--- a/WireGuard/WireGuard/UI/macOS/View/highlighter.c
+++ b/WireGuard/WireGuard/UI/macOS/View/highlighter.c
@@ -1,6 +1,6 @@
 // SPDX-License-Identifier: GPL-2.0
 /*
- * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ * Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
  */
 
 #include <stdbool.h>
@@ -62,11 +62,32 @@ static bool is_valid_key(string_span_t s)
 	if (s.len != 44 || s.s[43] != '=')
 		return false;
 
-	for (size_t i = 0; i < 43; ++i) {
+	for (size_t i = 0; i < 42; ++i) {
 		if (!is_decimal(s.s[i]) && !is_alphabet(s.s[i]) &&
 		    s.s[i] != '/' && s.s[i] != '+')
 			return false;
 	}
+	switch (s.s[42]) {
+	case 'A':
+	case 'E':
+	case 'I':
+	case 'M':
+	case 'Q':
+	case 'U':
+	case 'Y':
+	case 'c':
+	case 'g':
+	case 'k':
+	case 'o':
+	case 's':
+	case 'w':
+	case '4':
+	case '8':
+	case '0':
+		break;
+	default:
+		return false;
+	}
 	return true;
 }
 
@@ -166,9 +187,9 @@ static bool is_valid_uint(string_span_t s, bool support_hex, uint64_t min, uint6
 
 	if (support_hex && s.len > 2 && s.s[0] == '0' && s.s[1] == 'x') {
 		for (size_t i = 2; i < s.len; ++i) {
-			if (s.s[i] - '0' < 10)
+			if ((unsigned)s.s[i] - '0' < 10)
 				val = 16 * val + (s.s[i] - '0');
-			else if ((s.s[i] | 32) - 'a' < 6)
+			else if (((unsigned)s.s[i] | 32) - 'a' < 6)
 				val = 16 * val + (s.s[i] | 32) - 'a' + 10;
 			else
 				return false;
-- 
cgit v1.2.3-59-g8ed1b