diff options
| author | cyberbotx <cyberbotx@5417fbe8-f217-4b02-8779-1006273d7864> | 2009-05-10 23:01:07 +0000 |
|---|---|---|
| committer | cyberbotx <cyberbotx@5417fbe8-f217-4b02-8779-1006273d7864> | 2009-05-10 23:01:07 +0000 |
| commit | 572d1a94bd978395d24c628a8c7e4a4eb5cf7f1e (patch) | |
| tree | 19a7072d5c78e8fdc653ca36d114379ec4d34708 /src/mysql.c | |
| parent | 9210aae6f994bc9511843fd7e9c94763b930d37b (diff) | |
Fix bug #1078, MySQL query should no longer fail when password and salt are too long, patch from Adam.
git-svn-id: http://anope.svn.sourceforge.net/svnroot/anope/stable@2299 5417fbe8-f217-4b02-8779-1006273d7864
Diffstat (limited to 'src/mysql.c')
| -rw-r--r-- | src/mysql.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/src/mysql.c b/src/mysql.c index 44c8b307c..8f032f1b9 100644 --- a/src/mysql.c +++ b/src/mysql.c @@ -250,6 +250,7 @@ char *db_mysql_secure(char *pass, int size) { char tmp_pass[PASSMAX]; char *str, *tmp; + unsigned bufsize = (2 * PASSMAX + 15 + sizeof(MysqlSecure)); /* Initialize the buffer. Bug #86 */ memset(tmp_pass, 0, PASSMAX); @@ -258,26 +259,26 @@ char *db_mysql_secure(char *pass, int size) if (!pass) return NULL; - str = scalloc(2 * PASSMAX + 15, sizeof(char)); + str = scalloc(bufsize, sizeof(char)); if (enc_decrypt(pass, tmp_pass, PASSMAX - 1) != 1) { /* We couldnt decrypt the pass... */ /* Make sure the hash is MySQL safe.. */ tmp = db_mysql_quote_buffer(pass, size); - snprintf(str, 2 * PASSMAX + 15, "'%s'", tmp); + snprintf(str, bufsize, "'%s'", tmp); free(tmp); } else { /* if we could decrypt the pass */ /* Make sure the pass itself pass is MySQL safe.. */ tmp = db_mysql_quote_buffer(tmp_pass, strlen(tmp_pass)); if ((!MysqlSecure) || (strcmp(MysqlSecure, "") == 0)) { - snprintf(str, 2 * PASSMAX + 15, "'%s'", tmp); + snprintf(str, bufsize, "'%s'", tmp); } else if (strcmp(MysqlSecure, "des") == 0) { - snprintf(str, 2 * PASSMAX + 15, "ENCRYPT('%s')", tmp); + snprintf(str, bufsize, "ENCRYPT('%s')", tmp); } else if (strcmp(MysqlSecure, "md5") == 0) { - snprintf(str, 2 * PASSMAX + 15, "MD5('%s')", tmp); + snprintf(str, bufsize, "MD5('%s')", tmp); } else if (strcmp(MysqlSecure, "sha") == 0) { - snprintf(str, 2 * PASSMAX + 15, "SHA('%s')", tmp); + snprintf(str, bufsize, "SHA('%s')", tmp); } else { - snprintf(str, 2 * PASSMAX + 15, "ENCODE('%s','%s')", tmp, MysqlSecure); + snprintf(str, bufsize, "ENCODE('%s','%s')", tmp, MysqlSecure); } free(tmp); } |