revised patch for passwords > 8
-
To: db-beta@localhost
-
From: Reini Urban rurban@localhost
-
Date: Tue, 18 Feb 2003 13:34:20 +0100
-
Organization: inode.at
this one is better for hostnames > 16
forget the previous one.
but there's still another error somewhere in the ca module (loader/getvar)
--
Reini Urban - Programmer - http://inode.at
2003-02-18 13:32:17 r.urban@localhost
Enables passwords longer than 8 chars. Otherwise the dbName is simply
overwritten, without any check.
--- ripe-dbase-3.1.1/modules/ca/ca_defs.h~ 2002-06-04 11:32:36.000000000
+0200
+++ ripe-dbase-3.1.1/modules/ca/ca_defs.h 2003-02-18 09:03:06.000000000
+0100
@@ -158,7 +158,7 @@
char host[64];
int port;
char user[16];
- char password[9];
+ char password[16];
char dbName[16];
} ca_database_t;
@@ -175,8 +175,8 @@
char host[64];
int port;
char user[16];
- char password[9];
+ char password[16];
char tableName[72];
} ca_ripadmin_t;
--- ripe-dbase-3.1.1/modules/ca/ca_sourceLoader.c~ 2002-02-19
18:26:54.000000000 +0100
+++ ripe-dbase-3.1.1/modules/ca/ca_sourceLoader.c 2003-02-18
10:35:26.000000000 +0100
@@ -545,7 +545,7 @@
*/
while (currentPtr != NULL) {
ca_database_t *dbPtr = currentPtr->data;
- printf("\n%s,%d,%s,%s,%s\n", dbPtr->host, dbPtr->port,
dbPtr->user, dbPtr->password, dbPtr->dbName);
+ printf("\n%s,%d,%s,%s, %s\n", dbPtr->host, dbPtr->port,
dbPtr->user, dbPtr->password, dbPtr->dbName);
currentPtr = currentPtr->next;
}
}
@@ -613,7 +613,12 @@
#endif /* DEBUG */
strcpy(varName, tokens[0]);
- strcpy(dbComp, tokens[1]);
+ /* we should really check for the length of the token, otherwise
+ it overwites the former struct member (passwords > 8 chars) */
+ if (strcmp(varName,"host") == 0)
+ strncpy(dbComp, tokens[1], 64);
+ else
+ strncpy(dbComp, tokens[1], 16);
/* Free the memory used by the tokens array. */
g_strfreev(tokens);