From fbecce8a1170b88e4a052d0348c7bfff45678a8c Mon Sep 17 00:00:00 2001
From: Samuele Pedroni <pedronis@lucediurna.net>
Date: Thu, 19 Nov 2015 20:16:02 +0100
Subject: [PATCH] panic if fingerprintSuffix is not at least 64bits or it
 specifies a half byte

---
 asserts/database.go | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/asserts/database.go b/asserts/database.go
index 9f0f632b77..aa881ef9e0 100644
--- a/asserts/database.go
+++ b/asserts/database.go
@@ -125,9 +125,17 @@ func (db *Database) ImportKey(authorityID string, privKey *packet.PrivateKey) (f
 }
 
 // use a generalized matching style along what PGP does where keys can be
-// retrieved by giving suffixes of their fingerprint
+// retrieved by giving suffixes of their fingerprint,
+// for safety suffix must be at least 64 bits though
 // TODO: may need more details about the kind of key we are looking for
 func (db *Database) findPublicKeys(authorityID, fingerprintSuffix string) []PublicKey {
+	suffixLen := len(fingerprintSuffix)
+	if suffixLen % 2 == 1 {
+		panic(fmt.Errorf("findPublicKeys: fingerprintSuffix cannot specify a half byte"))
+	}
+	if suffixLen < 16 {
+		panic(fmt.Errorf("findPublicKeys: fingerprintSuffix must be at leat 64bits"))
+	}
 	res := make([]PublicKey, 0, 1)
 	cands := db.cfg.TrustedKeys[authorityID]
 	for _, cand := range cands {