From 7ce65b0d3a5525be9585abd510efc421b00d1f60 Mon Sep 17 00:00:00 2001
From: Syfaro <syfaro@huefox.com>
Date: Thu, 29 Feb 2024 00:39:35 -0500
Subject: [PATCH] Limit Passkey name length.

---
 src/auth.rs | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/auth.rs b/src/auth.rs
index 57bf019..a845043 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -715,6 +715,10 @@ async fn verify_registration(
         .and_then(|name| name.to_str().ok())
         .ok_or(Error::Missing)?;
 
+    if passkey_name.is_empty() || passkey_name.len() > 128 {
+        return Err(Error::user_error("Passkey name is empty or too long."));
+    }
+
     let reg_state = session
         .remove_as("reg_state")
         .ok_or(Error::Missing)?