check_scramble_323 shuold ensure that the scramble has the correct length

sql/sql_acl.cc: cleanup
author: unknown <serg@serg.mylan> 2004-06-01 23:58:33 +0200
committer: unknown <serg@serg.mylan> 2004-06-01 23:58:33 +0200
commit: 869fbff91f848e7433c44994952e67c301f5052b (patch)
tree: 31b7886d700b43cecff6bb736071b19f7cb3e3b7
parent: ce0d015384d65199c3e0f830aa4f49937285e12b (diff)
download: mariadb-git-869fbff91f848e7433c44994952e67c301f5052b.tar.gz
2 files changed, 4 insertions, 2 deletions
diff --git a/sql/password.c b/sql/password.c
index 49f149969c9..0ac91346a55 100644
--- a/sql/password.c
+++ b/sql/password.c
@@ -218,6 +218,8 @@ check_scramble_323(const char *scrambled, const char *message,
   to=buff;
   for (pos=scrambled ; *pos ; pos++)
     *to++=(char) (floor(my_rnd(&rand_st)*31)+64);
+  if (pos-scrambled != SCRAMBLE_LENGTH_323)
+    return 1;
   extra=(char) (floor(my_rnd(&rand_st)*31));
   to=buff;
   while (*scrambled)
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 25ff4c5676b..d5427536370 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -629,8 +629,8 @@ int acl_getroot(THD *thd, USER_RESOURCES  *mqh,
         if (passwd_len == acl_user_tmp->salt_len)
         {
           if (acl_user_tmp->salt_len == 0 ||
-              acl_user_tmp->salt_len == SCRAMBLE_LENGTH &&
-              check_scramble(passwd, thd->scramble, acl_user_tmp->salt) == 0 ||
+              (acl_user_tmp->salt_len == SCRAMBLE_LENGTH &&
+              check_scramble(passwd, thd->scramble, acl_user_tmp->salt) == 0) ||
               check_scramble_323(passwd, thd->scramble,
                                  (ulong *) acl_user_tmp->salt) == 0)
           {
author	unknown <serg@serg.mylan>	2004-06-01 23:58:33 +0200
committer	unknown <serg@serg.mylan>	2004-06-01 23:58:33 +0200
commit	869fbff91f848e7433c44994952e67c301f5052b (patch)
tree	31b7886d700b43cecff6bb736071b19f7cb3e3b7
parent	ce0d015384d65199c3e0f830aa4f49937285e12b (diff)
download	mariadb-git-869fbff91f848e7433c44994952e67c301f5052b.tar.gz