Fix bug #1078, MySQL query should no longer fail when password and salt are too long, patch from Adam.

git-svn-id: http://anope.svn.sourceforge.net/svnroot/anope/stable@2299 5417fbe8-f217-4b02-8779-1006273d7864
author: cyberbotx <cyberbotx@5417fbe8-f217-4b02-8779-1006273d7864> 2009-05-10 23:01:07 +0000
committer: cyberbotx <cyberbotx@5417fbe8-f217-4b02-8779-1006273d7864> 2009-05-10 23:01:07 +0000
commit: 572d1a94bd978395d24c628a8c7e4a4eb5cf7f1e (patch)
tree: 19a7072d5c78e8fdc653ca36d114379ec4d34708
parent: 9210aae6f994bc9511843fd7e9c94763b930d37b (diff)
3 files changed, 20 insertions, 8 deletions
diff --git a/Changes b/Changes
index 8390b50e5..a0616815f 100644
--- a/Changes
+++ b/Changes
@@ -21,6 +21,7 @@ Provided by Anope Dev. <team@anope.org> - 2009
 03/23 F Fixed CS SET MLOCK requiring a param to allow clearing.          [#1044]
 03/30 F Fantasy commands in CTCP ACTIONs will now be ignored.            [#1073]
 04/03 F SECUREOPS now igores modechanges from ulined servers.            [#1004]
+04/06 F Patch to update documentation on CS RESTRICTED...                [#1039]
 04/18 F Don't enforce akicks/forbidden/.. on clients on ulined servers.  [  #00]
 
 Provided by Adam <Adam@SubZeroIRC.net> - 2009
@@ -28,6 +29,8 @@ Provided by Adam <Adam@SubZeroIRC.net> - 2009
 02/07 F CS OP/PROTECT/etc now enforced SECUREOPS setting.                [#1006]
 03/07 F Channel list re-ordering.                                        [#1024]
 03/22 F Log message about the deleting from channel access list.         [#1030]
+05/08 F Allow jupe on all bar uplink and self.                           [#1076]
+05/10 F MySQL query should no longer fail when password/salt are long    [#1078]
 
 Provided by mooncup <mooncup@anonnet.org> - 2009
 02/04 F Automatically reapply vhost on hs off for unreal32.              [  #00]
diff --git a/src/mysql.c b/src/mysql.c
index 44c8b307c..8f032f1b9 100644
--- a/src/mysql.c
+++ b/src/mysql.c
@@ -250,6 +250,7 @@ char *db_mysql_secure(char *pass, int size)
 {
     char tmp_pass[PASSMAX];
     char *str, *tmp;
+    unsigned bufsize = (2 * PASSMAX + 15 + sizeof(MysqlSecure));
 
     /* Initialize the buffer. Bug #86 */
     memset(tmp_pass, 0, PASSMAX);
@@ -258,26 +259,26 @@ char *db_mysql_secure(char *pass, int size)
     if (!pass)
         return NULL;
 
-    str = scalloc(2 * PASSMAX + 15, sizeof(char));
+    str = scalloc(bufsize, sizeof(char));
     if (enc_decrypt(pass, tmp_pass, PASSMAX - 1) != 1) {
         /* We couldnt decrypt the pass... */
         /* Make sure the hash is MySQL safe.. */
         tmp = db_mysql_quote_buffer(pass, size);
-        snprintf(str, 2 * PASSMAX + 15, "'%s'", tmp);
+        snprintf(str, bufsize, "'%s'", tmp);
         free(tmp);
     } else {                    /* if we could decrypt the pass */
         /* Make sure the pass itself pass is MySQL safe.. */
         tmp = db_mysql_quote_buffer(tmp_pass, strlen(tmp_pass));
         if ((!MysqlSecure) || (strcmp(MysqlSecure, "") == 0)) {
-            snprintf(str, 2 * PASSMAX + 15, "'%s'", tmp);
+            snprintf(str, bufsize, "'%s'", tmp);
         } else if (strcmp(MysqlSecure, "des") == 0) {
-            snprintf(str, 2 * PASSMAX + 15, "ENCRYPT('%s')", tmp);
+            snprintf(str, bufsize, "ENCRYPT('%s')", tmp);
         } else if (strcmp(MysqlSecure, "md5") == 0) {
-            snprintf(str, 2 * PASSMAX + 15, "MD5('%s')", tmp);
+            snprintf(str, bufsize, "MD5('%s')", tmp);
         } else if (strcmp(MysqlSecure, "sha") == 0) {
-            snprintf(str, 2 * PASSMAX + 15, "SHA('%s')", tmp);
+            snprintf(str, bufsize, "SHA('%s')", tmp);
         } else {
-            snprintf(str, 2 * PASSMAX + 15, "ENCODE('%s','%s')", tmp, MysqlSecure);
+            snprintf(str, bufsize, "ENCODE('%s','%s')", tmp, MysqlSecure);
         }
         free(tmp);
     }
diff --git a/version.log b/version.log
index caee2e3cd..793234b71 100644
--- a/version.log
+++ b/version.log
@@ -9,11 +9,19 @@ VERSION_MAJOR="1"
 VERSION_MINOR="8"
 VERSION_PATCH="0"
 VERSION_EXTRA="-svn"
-VERSION_BUILD="2284"
+VERSION_BUILD="2299"
 
 # $Log$ # Changes since 1.8.0 Release
 
+#Revision 2299 - Fix bug #1078, MySQL query should no longer fail when password and salt are too long, patch from Adam.
+#Revision 2297 - Patch to allow jupe on all bar uplink and self. Thanks Adam. (Bug #1076)
+#Revision 2294 - Fix link to Link Block Generator on our site. Good find whoever it was :)
+#Revision 2293 - Patch from DukeP - founderstatus (gained by /cs identify) is not removed on logout, and on remote logout the nicktracking and the timers are removed from the wrong user (u instead of u2). Cheers! :)
+#Revision 2289 - Backport from 1.9 to document the use of /ms set notify mail and nomail (Adam)
+#Revision 2287 - Patch to rectify Syntax output from langfiles and update certain modules to use syntax_error rather than notice_lang. (Adam)
 #Revision 2284 - Don't enfoce akick/forbidden/etc.. settings on clients on ulined servers.
+#Revision 2272 - Backport of r2271, remove files from the modules runtime directory on startup, just in case files were left behind during a previous run.
+#Revision 2262 - Patch to update documentation on CS RESTRICTED to reflect historical behaviour.
 #Revision 2253 - Backport of bugfix for bug #1004 from SVN r2003, Modechanges from ulined server are no longer being blocked by SECUREOPS.
 #Revision 2251 - Fixed non-standard C-style comment.
 #Revision 2250 - Updated example.conf regarding removal of the inspirc10 protocol module and SRA requirement for SuperAdmin.
author	cyberbotx <cyberbotx@5417fbe8-f217-4b02-8779-1006273d7864>	2009-05-10 23:01:07 +0000
committer	cyberbotx <cyberbotx@5417fbe8-f217-4b02-8779-1006273d7864>	2009-05-10 23:01:07 +0000
commit	572d1a94bd978395d24c628a8c7e4a4eb5cf7f1e (patch)
tree	19a7072d5c78e8fdc653ca36d114379ec4d34708
parent	9210aae6f994bc9511843fd7e9c94763b930d37b (diff)