Skip to content

Commit 7e0815c

Browse files
say8425claude
andcommitted
fix: add min length and even length check for hex detection
Prevents false positives where short hex-like strings (e.g. "face") would be incorrectly decoded as hex-encoded credentials. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1 parent b890984 commit 7e0815c

File tree

1 file changed

+6
-1
lines changed

1 file changed

+6
-1
lines changed

src/usage/token.ts

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,12 @@ export function parseCredentialString(raw: string): string | null {
77
if (text.length === 0) return null;
88

99
// macOS security -w outputs hex when password has non-printable chars
10-
if (/^[0-9a-fA-F]+$/.test(text) && text.length > 0) {
10+
// Require even length and min length to avoid false positives (e.g. "face")
11+
if (
12+
text.length > 10 &&
13+
text.length % 2 === 0 &&
14+
/^[0-9a-fA-F]+$/.test(text)
15+
) {
1116
text = Buffer.from(text, "hex").toString("utf-8");
1217
}
1318

0 commit comments

Comments
 (0)