From 5ab86bd6f333aad3936f912fc52b411168dcd4a7 Mon Sep 17 00:00:00 2001
From: mojocn <neochau@gmail.com>
Date: Fri, 8 Dec 2023 12:48:09 +0000
Subject: [PATCH] fix verify bug

---
 store_memory.go      | 3 +++
 store_memory_test.go | 4 ++++
 2 files changed, 7 insertions(+)

diff --git a/store_memory.go b/store_memory.go
index eb9bfb4..9ad79c9 100644
--- a/store_memory.go
+++ b/store_memory.go
@@ -66,6 +66,9 @@ func (s *memoryStore) Set(id string, value string) error {
 }
 
 func (s *memoryStore) Verify(id, answer string, clear bool) bool {
+	if id == "" || answer == "" {
+		return false
+	}
 	v := s.Get(id, clear)
 	return v != "" && v == answer
 }
diff --git a/store_memory_test.go b/store_memory_test.go
index df68764..90cb7ac 100644
--- a/store_memory_test.go
+++ b/store_memory_test.go
@@ -143,6 +143,10 @@ func Test_memoryStore_Verify(t *testing.T) {
 	if got {
 		t.Error("failed3")
 	}
+	got = DefaultMemStore.Verify("saaf", "", true)
+	if got {
+		t.Error("CVE-2023-45292 GO-2023-2386")
+	}
 }
 
 func Test_memoryStore_Get(t *testing.T) {