Matthew Garrett on Nostr: Once again in a situation to tell people that IPMI passwords have a maximum length in ...
Once again in a situation to tell people that IPMI passwords have a maximum length in bytes, not characters, and so many implementations will assign a 20 byte array, accept a 20 character password, and then set the last byte of the array to \0 and so silently truncate the password to 19 characters
Published at
2023-08-10 03:01:02Event JSON
{
"id": "6b038c36f264bb5b42b24caaac7e286905152ff9d7d91fd8e832ae11345353e6",
"pubkey": "ef5e80e6c74387ef14f5c6b89079f22b6847dc14365001c0ed662a20bd891677",
"created_at": 1691629262,
"kind": 1,
"tags": [
[
"proxy",
"https://nondeterministic.computer/users/mjg59/statuses/110862615356533120",
"activitypub"
]
],
"content": "Once again in a situation to tell people that IPMI passwords have a maximum length in bytes, not characters, and so many implementations will assign a 20 byte array, accept a 20 character password, and then set the last byte of the array to \\0 and so silently truncate the password to 19 characters",
"sig": "8feeeb278350c00c76b7072af9679b4ce3931eb75baf921df812ba5e5ab05bf40695c5af0455e51bb1d3b1a93fa5e04ea6d0bd7fb48429624e75e6f3c8c0b3a1"
}