Use character streams for handling strings, to ensure UTF-8 compatibi…

…lity
shssoichiro · Jan 4, 2018 · 543a668 · 543a668
1 parent 60d1892
commit 543a668
Show file tree

Hide file tree

Showing 4 changed files with 127 additions and 115 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,9 @@
+**Version 0.6.3 (unreleased)**
+ - Refactor handling of strings to use streaming of characters. This brings zxcvbn closer to working on UTF-8 inputs.
+
+**Version 0.6.2**
+ - Upgrade dependencies and fix linter warnings
+
 **Version 0.6.1**
  - Upgrade `derive_builder` to 0.5.0
  - Fix a bug that was causing incorrect scoring for some passwords (https://github.com/shssoichiro/zxcvbn-rs/issues/13)

diff --git a/src/lib.rs b/src/lib.rs
@@ -105,20 +105,16 @@ pub fn zxcvbn(password: &str, user_inputs: &[&str]) -> Result<Entropy, ZxcvbnErr
 
     // Only evaluate the first 100 characters of the input.
     // This prevents potential DoS attacks from sending extremely long input strings.
-    let password = if password.len() > 100 {
-        &password[0..100]
-    } else {
-        password
-    };
+    let password = password.chars().take(100).collect::<String>();
 
     let sanitized_inputs = user_inputs
         .iter()
         .enumerate()
         .map(|(i, x)| (x.to_lowercase(), i + 1))
         .collect();
 
-    let matches = matching::omnimatch(password, &sanitized_inputs);
-    let result = scoring::most_guessable_match_sequence(password, &matches, false);
+    let matches = matching::omnimatch(&password, &sanitized_inputs);
+    let result = scoring::most_guessable_match_sequence(&password, &matches, false);
     let calc_time = (time::precise_time_ns() - start_time_ns) / 1_000_000;
     let (attack_times, attack_times_display, score) =
         time_estimates::estimate_attack_times(result.guesses);