From e20203785a636eea77789d108fc15a86b36e74c9 Mon Sep 17 00:00:00 2001 From: Lonami Exo Date: Thu, 31 Aug 2023 10:22:23 +0200 Subject: [PATCH] Add missing nonce check during authentication --- client/src/telethon/_impl/mtproto/authentication.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/client/src/telethon/_impl/mtproto/authentication.py b/client/src/telethon/_impl/mtproto/authentication.py index 756d1363..15896c31 100644 --- a/client/src/telethon/_impl/mtproto/authentication.py +++ b/client/src/telethon/_impl/mtproto/authentication.py @@ -78,6 +78,8 @@ def _do_step2(data: Step1, response: bytes, random_bytes: bytes) -> Tuple[bytes, nonce = data.nonce res_pq = ResPq.from_bytes(response) + check_nonce(res_pq.nonce, nonce) + if len(res_pq.pq) != 8: raise ValueError(f"invalid pq size: {len(res_pq.pq)}")