From 332b932c8c053ea694e642bf4a336be0d511ce04 Mon Sep 17 00:00:00 2001
From: Laotree <Laotree@users.noreply.github.com>
Date: Fri, 29 Nov 2024 18:22:58 +0800
Subject: [PATCH] [FIX] Integer Underflow in TOTP Validation

---
 totp/totp.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/totp/totp.go b/totp/totp.go
index f33458c..c1ef73e 100644
--- a/totp/totp.go
+++ b/totp/totp.go
@@ -109,7 +109,9 @@ func ValidateCustom(passcode string, secret string, t time.Time, opts ValidateOp
 	counters = append(counters, uint64(counter))
 	for i := 1; i <= int(opts.Skew); i++ {
 		counters = append(counters, uint64(counter+int64(i)))
-		counters = append(counters, uint64(counter-int64(i)))
+		if counter >= int64(i) {
+			counters = append(counters, uint64(counter-int64(i)))
+		}
 	}
 
 	for _, counter := range counters {