From 47c4494fd8bbd167c977dfb5c80e1b6fdd9ac0e6 Mon Sep 17 00:00:00 2001
From: unknown <serg@serg.mylan>
Date: Thu, 7 Aug 2003 11:16:34 +0200
Subject: fixed password buffer overflow

---
 sql/sql_acl.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'sql')

diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index f36e39b0645..554417322a4 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -206,10 +206,10 @@ int  acl_init(bool dont_read_acl_tables)
 		      "Found old style password for user '%s'. Ignoring user. (You may want to restart using --old-protocol)",
 		      user.user ? user.user : ""); /* purecov: tested */
     }
-    else if (length % 8)		// This holds true for passwords
+    else if (length % 8 || length > 16)
     {
       sql_print_error(
-		      "Found invalid password for user: '%s@%s'; Ignoring user",
+		      "Found invalid password for user: '%s'@'%s'; Ignoring user",
 		      user.user ? user.user : "",
 		      user.host.hostname ? user.host.hostname : ""); /* purecov: tested */
       continue; /* purecov: tested */
-- 
cgit v1.2.1