Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
mariadb
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
mariadb
Commits
d7acab15
Commit
d7acab15
authored
Dec 11, 2004
by
serg@serg.mylan
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
sql/password.c: check for buffer overflow in check_scramble_323 (BUG#7187)
parent
68174d7a
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
3 additions
and
2 deletions
+3
-2
sql/password.c
sql/password.c
+3
-2
No files found.
sql/password.c
View file @
d7acab15
...
@@ -211,12 +211,13 @@ check_scramble_323(const char *scrambled, const char *message,
...
@@ -211,12 +211,13 @@ check_scramble_323(const char *scrambled, const char *message,
ulong
hash_message
[
2
];
ulong
hash_message
[
2
];
char
buff
[
16
],
*
to
,
extra
;
/* Big enough for check */
char
buff
[
16
],
*
to
,
extra
;
/* Big enough for check */
const
char
*
pos
;
const
char
*
pos
;
hash_password
(
hash_message
,
message
,
SCRAMBLE_LENGTH_323
);
hash_password
(
hash_message
,
message
,
SCRAMBLE_LENGTH_323
);
randominit
(
&
rand_st
,
hash_pass
[
0
]
^
hash_message
[
0
],
randominit
(
&
rand_st
,
hash_pass
[
0
]
^
hash_message
[
0
],
hash_pass
[
1
]
^
hash_message
[
1
]);
hash_pass
[
1
]
^
hash_message
[
1
]);
to
=
buff
;
to
=
buff
;
for
(
pos
=
scrambled
;
*
pos
;
pos
++
)
DBUG_ASSERT
(
sizeof
(
buff
)
>
SCRAMBLE_LENGTH_323
);
for
(
pos
=
scrambled
;
*
pos
&&
to
<
buff
+
sizeof
(
buff
)
;
pos
++
)
*
to
++=
(
char
)
(
floor
(
my_rnd
(
&
rand_st
)
*
31
)
+
64
);
*
to
++=
(
char
)
(
floor
(
my_rnd
(
&
rand_st
)
*
31
)
+
64
);
if
(
pos
-
scrambled
!=
SCRAMBLE_LENGTH_323
)
if
(
pos
-
scrambled
!=
SCRAMBLE_LENGTH_323
)
return
1
;
return
1
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment