Mirrors
/
php
mirror of https://github.com/php/php-src
3
0
Fork 0
Code Releases Activity
Browse Source

Don't write more data than the protocol can grok or the server will 

be confused. This comes without a test because the server needs to be
a non-community one with closed source PAM plugin loaded.
pull/271/head
Andrey Hristov 14 years ago
parent
8171c1eeb4
commit
0905ff2fe5
1 changed files with 8 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 8
      ext/mysqlnd/mysqlnd_wireprotocol.c

8
ext/mysqlnd/mysqlnd_wireprotocol.c
View File

@ -496,6 +496,14 @@ size_t php_mysqlnd_auth_write(void * _packet, MYSQLND_CONN_DATA * conn TSRMLS_DC
if (packet->auth_data == NULL) {
packet->auth_data_len = 0;
}
if (packet->auth_data_len > 0xFF) {
const char * const msg = "Authentication data too long. "
"Won't fit into the buffer and will be truncated. Authentication will thus fail";
SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, msg);
php_error_docref(NULL TSRMLS_CC, E_WARNING, msg);
DBG_RETURN(0);
}
int1store(p, packet->auth_data_len);
++p;
/*!!!!! is the buffer big enough ??? */

Write Preview
Loading…
Cancel
Save