@@ -47,11 +47,19 @@ func Obfuscate(raw string, token bool) (string, string) {
4747 remaining := l
4848 index := 0
4949
50+ // prevent generate string like "$${a:Ya]vF:QHL-n[ub8:-}{"
51+ // it will make behind string useless
52+ lastCharacter := byte (0 )
53+
5054 // prevent not obfuscate twice, otherwise maybe
5155 // generate string like 1."jn" 2."di" -> "jndi"
5256 lastObfuscated := true
5357
5458 for {
59+ if remaining <= 0 {
60+ break
61+ }
62+
5563 // first select section length
5664 // use 0-3 is used to prevent include special
5765 // string like "jndi", "ldap" and "http"
@@ -61,26 +69,34 @@ func Obfuscate(raw string, token bool) (string, string) {
6169 }
6270 section := raw [index : index + size ]
6371
64- // contain special character
65- var skip bool
72+ // if section contain special character
73+ // not obfuscate them
74+ var notObfuscate bool
6675 for i := 0 ; i < len (section ); i ++ {
6776 _ , ok := skippedChars [section [i ]]
6877 if ok {
69- skip = true
78+ notObfuscate = true
7079 break
7180 }
7281 }
7382
83+ // must check last character is "$"
84+ // for prevent appear string like "$${"
85+ if lastCharacter == '$' {
86+ notObfuscate = true
87+ }
88+
7489 // obfuscate or not
75- if skip || (! randBool () && lastObfuscated ) {
90+ if notObfuscate || (randBool () && lastObfuscated ) {
91+ if size == 0 {
92+ continue
93+ }
7694 obfuscated .WriteString (section )
7795
7896 remaining -= size
79- if remaining <= 0 {
80- break
81- }
8297 index += size
8398 lastObfuscated = false
99+ lastCharacter = section [size - 1 ]
84100 continue
85101 }
86102
@@ -104,11 +120,9 @@ func Obfuscate(raw string, token bool) (string, string) {
104120 obfuscated .WriteString ("}" )
105121
106122 remaining -= size
107- if remaining <= 0 {
108- break
109- }
110123 index += size
111124 lastObfuscated = true
125+ // lastCharacter must be "}"
112126 }
113127
114128 return obfuscated .String (), rwt
0 commit comments