1berry/MariaDB-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MDEV-19882 pam v2: auth_pam_tool truncates passwords that are not null-terminated

Browse Source 
Don't assume that passwords (and other conv replies) are zero-terminated.
If they are, though, strndup() down below will take care of that.
This commit is contained in:
Sergei Golubchik 2019-10-26 10:43:10 +02:00
parent d67ea8151f
commit dadc53ff0b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
plugin/auth_pam/auth_pam_tool.c
View File

@ -33,7 +33,7 @@ static int roundtrip(struct param *param, const unsigned char *buf,
if (write(1, &b, 1) < 1 || write_string(1, buf, buf_len)) if (write(1, &b, 1) < 1 || write_string(1, buf, buf_len))
return -1; return -1;
*pkt= (unsigned char *) param->buf; *pkt= (unsigned char *) param->buf;
return read_string(0, (char *) param->buf, (int) sizeof(param->buf)) - 1; return read_string(0, (char *) param->buf, (int) sizeof(param->buf));
} }
typedef struct st_mysql_server_auth_info typedef struct st_mysql_server_auth_info