Lars Strojny
A keks * initial commit
Lars Strojny commited 8c4e5b8 at 2006-12-17 11:28:02
patch-c2s-buffers
diff -ru c2sorig/authreg.c c2s/authreg.c
--- c2sorig/authreg.c Mon Nov 22 15:53:34 2004
+++ c2s/authreg.c Mon Nov 22 20:06:25 2004
@@ -623,7 +623,7 @@
log_write(c2s->log, LOG_NOTICE, "[%d] created user: user=%s; realm=%s", sess->s->tag, username, sess->realm);
/* extract the password */
- snprintf(password, 1024, "%.*s", NAD_CDATA_L(nad, elem), NAD_CDATA(nad, elem));
+ snprintf(password, 257, "%.*s", NAD_CDATA_L(nad, elem), NAD_CDATA(nad, elem));
/* change it */
if((c2s->ar->set_password)(c2s->ar, username, sess->realm, password) != 0)
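Review bot: An over-long password is silently cut to 256 bytes by the new `snprintf(password, 257, ...)`, and the truncated value is then handed to `set_password`, so the stored credential is not the one the client sent. Checking the length first and failing the request, e.g. `if(NAD_CDATA_L(nad, elem) > 256) { /* reject the change */ }`, keeps the two in step. The bare `257` also repeats the MySQL backend's `MYSQL_LP` + 1 in backend-independent code; a shared named constant would document where the limit comes from. The declaration of `password` is outside this hunk, so its real size should be checked against the new bound.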
diff -ru c2sorig/authreg_mysql.c c2s/authreg_mysql.c
--- c2sorig/authreg_mysql.c Mon Nov 22 15:53:34 2004
+++ c2s/authreg_mysql.c Mon Nov 22 16:55:37 2004
@@ -24,6 +24,10 @@
#ifdef STORAGE_MYSQL
+#define MYSQL_LU 1024 /* maximum length of username - should correspond to field length */
+#define MYSQL_LR 256 /* maximum length of realm - should correspond to field length */
+#define MYSQL_LP 256 /* maximum length of password - should correspond to field length */
+
#include <mysql.h>
typedef struct mysqlcontext_st {
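Review bot: The new `MYSQL_LU`/`MYSQL_LR`/`MYSQL_LP` macros use the `MYSQL_` prefix and are defined before `#include <mysql.h>`, so they sit in the client library's namespace and could clash with a name that header defines. A module-local prefix (for example `AR_MYSQL_USER_MAX`) avoids that and reads better than the two-letter suffixes. The comments say the values "should correspond to field length", but nothing visible ties them to the schema; a comment naming the table and columns they mirror would make that checkable.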
@@ -42,7 +46,8 @@
static MYSQL_RES *_ar_mysql_get_user_tuple(authreg_t ar, char *username, char *realm) {
mysqlcontext_t ctx = (mysqlcontext_t) ar->private;
MYSQL *conn = ctx->conn;
- char euser[2049], erealm[2049], sql[5121]; /* query(1024) + euser(2048) + erealm(2048) + \0(1) */
+ char iuser[MYSQL_LU+1], irealm[MYSQL_LR+1];
+ char euser[MYSQL_LU*2+1], erealm[MYSQL_LR*2+1], sql[1024 + MYSQL_LU*2 + MYSQL_LR*2 + 1]; /* query(1024) + euser + erealm + \0(1) */
MYSQL_RES *res;
if(mysql_ping(conn) != 0) {
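Review bot: The `sql` buffer still budgets a fixed 1024 bytes for the configured query template, and nothing in this hunk enforces that `ctx->sql_select` fits in it. The unchanged `sprintf(sql, ctx->sql_select, euser, erealm)` in the next hunk (`@@ -50,8 +55,11 @@`) therefore remains an unbounded write if the template is longer than assumed. Replacing it with `snprintf(sql, sizeof(sql), ctx->sql_select, euser, erealm)` and returning NULL when the result is truncated would close that gap. The function body continues outside this hunk.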
@@ -50,8 +55,11 @@
return NULL;
}
- mysql_real_escape_string(conn, euser, username, strlen(username));
- mysql_real_escape_string(conn, erealm, realm, strlen(realm));
+ snprintf(iuser, MYSQL_LU+1, "%s", username);
+ snprintf(irealm, MYSQL_LR+1, "%s", realm);
+
+ mysql_real_escape_string(conn, euser, iuser, strlen(iuser));
+ mysql_real_escape_string(conn, erealm, irealm, strlen(irealm));
sprintf(sql, ctx->sql_select, euser, erealm);
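Review bot: Truncating `username` and `realm` with `snprintf` before escaping means an over-long name is looked up as its first `MYSQL_LU` (or `MYSQL_LR`) bytes, so two different inputs can resolve to the same user tuple. In an authentication lookup it is safer to reject such input up front, `if(strlen(username) > MYSQL_LU || strlen(realm) > MYSQL_LR) return NULL;`, after which the copies are not needed. If the copies stay, `sizeof(iuser)` and `sizeof(irealm)` as the size arguments keep the bound tied to the declarations. The function starts and ends outside this hunk.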
@@ -127,15 +135,21 @@
 
 
הההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההה
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX