From 48b50a22a43dde00c795fb01521fcd731c323de7 Mon Sep 17 00:00:00 2001
From: Phallacy <Dragoonmac@gmail.com>
Date: Thu, 28 Mar 2019 08:15:53 -0700
Subject: [PATCH] switched to a hexa string with crypto random backing

---
 .../Library/DefaultPasswordResetProvider.cs      | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/Emby.Server.Implementations/Library/DefaultPasswordResetProvider.cs b/Emby.Server.Implementations/Library/DefaultPasswordResetProvider.cs
index 63ebc7c727..b726fa2d0a 100644
--- a/Emby.Server.Implementations/Library/DefaultPasswordResetProvider.cs
+++ b/Emby.Server.Implementations/Library/DefaultPasswordResetProvider.cs
@@ -8,6 +8,7 @@ using MediaBrowser.Common.Extensions;
 using MediaBrowser.Controller.Authentication;
 using MediaBrowser.Controller.Configuration;
 using MediaBrowser.Controller.Library;
+using MediaBrowser.Model.Cryptography;
 using MediaBrowser.Model.Serialization;
 using MediaBrowser.Model.Users;
 
@@ -25,13 +26,15 @@ namespace Emby.Server.Implementations.Library
 
         private IJsonSerializer _jsonSerializer;
         private IUserManager _userManager;
+        private ICryptoProvider _crypto;
 
-        public DefaultPasswordResetProvider(IServerConfigurationManager configurationManager, IJsonSerializer jsonSerializer, IUserManager userManager)
+        public DefaultPasswordResetProvider(IServerConfigurationManager configurationManager, IJsonSerializer jsonSerializer, IUserManager userManager, ICryptoProvider cryptoProvider)
         {
             _passwordResetFileBaseDir = configurationManager.ApplicationPaths.ProgramDataPath;
             _passwordResetFileBase = Path.Combine(_passwordResetFileBaseDir, _passwordResetFileBaseName);
             _jsonSerializer = jsonSerializer;
             _userManager = userManager;
+            _crypto = cryptoProvider;
         }
 
         public async Task<PinRedeemResult> RedeemPasswordResetPin(string pin)
@@ -49,7 +52,7 @@ namespace Emby.Server.Implementations.Library
                 {
                     File.Delete(resetfile);
                 }
-                else if (spr.Pin == pin)
+                else if (spr.Pin.Equals(pin, StringComparison.InvariantCultureIgnoreCase))
                 {
                     var resetUser = _userManager.GetUserByName(spr.UserName);
                     if (resetUser == null)
@@ -79,7 +82,14 @@ namespace Emby.Server.Implementations.Library
 
         public async Task<ForgotPasswordResult> StartForgotPasswordProcess(MediaBrowser.Controller.Entities.User user, bool isInNetwork)
         {
-            string pin = new Random().Next(99999999).ToString("00000000", CultureInfo.InvariantCulture);
+            string pin = string.Empty;
+            using (var cryptoRandom = System.Security.Cryptography.RandomNumberGenerator.Create())
+            {
+                byte[] bytes = new byte[4];
+                cryptoRandom.GetBytes(bytes);
+                pin = bytes.ToString();
+            }
+
             DateTime expireTime = DateTime.Now.AddMinutes(30);
             string filePath = _passwordResetFileBase + user.InternalId + ".json";
             SerializablePasswordReset spr = new SerializablePasswordReset