Merge zippy.cornsilk.net:/home/cmiller/work/mysql/41gca

into zippy.cornsilk.net:/home/cmiller/work/mysql/mysql-4.1-release
author: unknown <cmiller@zippy.cornsilk.net> 2007-06-08 16:28:48 -0400
committer: unknown <cmiller@zippy.cornsilk.net> 2007-06-08 16:28:48 -0400
commit: cbbec6f4250e8df4052fc037fe9f28c8a91d633a (patch)
tree: dc0a23d08cb7ca2a0bb572bed291ccddd4e45c9b
parent: 3737db158aeefa86fd110ea8c70528d590693cf4 (diff)
parent: d0c9d6cbf4d9cb8e9ccc406efa0096a8c41017c0 (diff)
download: mariadb-git-cbbec6f4250e8df4052fc037fe9f28c8a91d633a.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
index 659926bdea3..4e84bc9d046 100644
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -909,9 +909,12 @@ static int check_connection(THD *thd)
     Old clients send null-terminated string as password; new clients send
     the size (1 byte) + string (not null-terminated). Hence in case of empty
     password both send '\0'.
+
+    Cast *passwd to an unsigned char, so that it doesn't extend the sign for
+    *passwd > 127 and become 2**32-127 after casting to uint.
   */
   uint passwd_len= thd->client_capabilities & CLIENT_SECURE_CONNECTION ?
-    *passwd++ : strlen(passwd);
+    (uchar)(*passwd++) : strlen(passwd);
   db= thd->client_capabilities & CLIENT_CONNECT_WITH_DB ?
     db + passwd_len + 1 : 0;
   uint db_len= db ? strlen(db) : 0;
author	unknown <cmiller@zippy.cornsilk.net>	2007-06-08 16:28:48 -0400
committer	unknown <cmiller@zippy.cornsilk.net>	2007-06-08 16:28:48 -0400
commit	cbbec6f4250e8df4052fc037fe9f28c8a91d633a (patch)
tree	dc0a23d08cb7ca2a0bb572bed291ccddd4e45c9b
parent	3737db158aeefa86fd110ea8c70528d590693cf4 (diff)
parent	d0c9d6cbf4d9cb8e9ccc406efa0096a8c41017c0 (diff)
download	mariadb-git-cbbec6f4250e8df4052fc037fe9f28c8a91d633a.tar.gz