Commit 869fbff9 authored by unknown's avatar unknown

check_scramble_323 shuold ensure that the scramble has the correct length


sql/sql_acl.cc:
  cleanup
parent ce0d0153
......@@ -218,6 +218,8 @@ check_scramble_323(const char *scrambled, const char *message,
to=buff;
for (pos=scrambled ; *pos ; pos++)
*to++=(char) (floor(my_rnd(&rand_st)*31)+64);
if (pos-scrambled != SCRAMBLE_LENGTH_323)
return 1;
extra=(char) (floor(my_rnd(&rand_st)*31));
to=buff;
while (*scrambled)
......
......@@ -629,8 +629,8 @@ int acl_getroot(THD *thd, USER_RESOURCES *mqh,
if (passwd_len == acl_user_tmp->salt_len)
{
if (acl_user_tmp->salt_len == 0 ||
acl_user_tmp->salt_len == SCRAMBLE_LENGTH &&
check_scramble(passwd, thd->scramble, acl_user_tmp->salt) == 0 ||
(acl_user_tmp->salt_len == SCRAMBLE_LENGTH &&
check_scramble(passwd, thd->scramble, acl_user_tmp->salt) == 0) ||
check_scramble_323(passwd, thd->scramble,
(ulong *) acl_user_tmp->salt) == 0)
{
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment