MDEV-19882 pam v2: auth_pam_tool truncates passwords that are not null-terminated

Don't assume that passwords (and other conv replies) are zero-terminated. If they are, though, strndup() down below will take care of that.
2019-10-26 10:43:10 +02:00 · 2019-10-26 10:43:10 +02:00 · dadc53ff0b
commit dadc53ff0b
parent d67ea8151f
1 changed files with 1 additions and 1 deletions
--- a/plugin/auth_pam/auth_pam_tool.c
+++ b/plugin/auth_pam/auth_pam_tool.c
@ -33,7 +33,7 @@ static int roundtrip(struct param *param, const unsigned char *buf,
  if (write(1, &b, 1) < 1 || write_string(1, buf, buf_len))
    return -1;
  *pkt= (unsigned char *) param->buf;
-  return read_string(0, (char *) param->buf, (int) sizeof(param->buf)) - 1;
+  return read_string(0, (char *) param->buf, (int) sizeof(param->buf));
 }

 typedef struct st_mysql_server_auth_info