diff options
author | Sergei Golubchik <serg@mariadb.org> | 2019-10-26 10:43:10 +0200 |
---|---|---|
committer | Sergei Golubchik <serg@mariadb.org> | 2019-10-28 19:45:43 +0100 |
commit | dadc53ff0b32ce34ed43e98fb4b1d3af780167f8 (patch) | |
tree | 6f4f4c06cbc46adb603e44ff15b48d4de228e325 | |
parent | d67ea8151f88184a38d96ad801e992c8c16a3b3d (diff) | |
download | mariadb-git-dadc53ff0b32ce34ed43e98fb4b1d3af780167f8.tar.gz |
MDEV-19882 pam v2: auth_pam_tool truncates passwords that are not null-terminated
Don't assume that passwords (and other conv replies) are zero-terminated.
If they are, though, strndup() down below will take care of that.
-rw-r--r-- | plugin/auth_pam/auth_pam_tool.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/plugin/auth_pam/auth_pam_tool.c b/plugin/auth_pam/auth_pam_tool.c index 3947091ec4a..624b6880933 100644 --- a/plugin/auth_pam/auth_pam_tool.c +++ b/plugin/auth_pam/auth_pam_tool.c @@ -33,7 +33,7 @@ static int roundtrip(struct param *param, const unsigned char *buf, if (write(1, &b, 1) < 1 || write_string(1, buf, buf_len)) return -1; *pkt= (unsigned char *) param->buf; - return read_string(0, (char *) param->buf, (int) sizeof(param->buf)) - 1; + return read_string(0, (char *) param->buf, (int) sizeof(param->buf)); } typedef struct st_mysql_server_auth_info |