patch for passwords > 8

  • To: db-beta@localhost
  • From: Reini Urban rurban@localhost
  • Date: Tue, 18 Feb 2003 09:25:09 +0100
  • Organization: inode.at

Attached is a patch to enable password longer than 8 chars, max. 15 chars in this case, and a fix which checks for longer variable values > 16 in the source config also.
maybe you should extend all struct strings to 64 chars.

$ Error: Non-existent database "RIPEDB" referenced !!!
died: +787 ca_sourceLoader.c
Speicherzugriffsfehler

This bug hit me very badly. I tried for two days various configs with two passwords of ours, both by accident longer than 8 chars,
After one day of debugging I found this stupid limitation.
--
Reini Urban - Programmer - http://inode.at
2003-02-18 09:05:03 r.urban@localhost
        Enables passwords longer than 8 chars. Otherwise the dbName is simply 
        overwritten, without any check.

--- ripe-dbase-3.1.1/modules/ca/ca_defs.h~      2002-06-04 11:32:36.000000000 
+0200
+++ ripe-dbase-3.1.1/modules/ca/ca_defs.h       2003-02-18 09:03:06.000000000 
+0100
@@ -158,7 +158,7 @@
                        char host[64];
                        int port;
                        char user[16];
-                       char password[9];
+                       char password[16];
                        char dbName[16];
                } ca_database_t;
 
@@ -175,7 +175,7 @@
                        char host[64];
                        int port;
                        char user[16];
-                       char password[9];
+                       char password[16];
                        char tableName[72];
                } ca_ripadmin_t;
 
--- ripe-dbase-3.1.1/modules/ca/ca_sourceLoader.c~      2002-02-19 
18:26:54.000000000 +0100
+++ ripe-dbase-3.1.1/modules/ca/ca_sourceLoader.c       2003-02-18 
09:09:47.000000000 +0100
@@ -545,7 +545,7 @@
         */
        while (currentPtr != NULL) {
                ca_database_t *dbPtr = currentPtr->data;
-               printf("\n%s,%d,%s,%s,%s\n", dbPtr->host, dbPtr->port, 
dbPtr->user, dbPtr->password, dbPtr->dbName);
+               printf("\n%s,%d,%s,%s, %s\n", dbPtr->host, dbPtr->port, 
dbPtr->user, dbPtr->password, dbPtr->dbName);
                currentPtr = currentPtr->next;
        }
 }
@@ -613,7 +613,9 @@
 #endif /* DEBUG */
 
        strcpy(varName, tokens[0]);
-       strcpy(dbComp, tokens[1]);
+       /* we should really check for the length of the token, otherwise 
+          it overwites the former struct member (passwords > 8 chars) */
+       strncpy(dbComp, tokens[1], 16);
 
        /* Free the memory used by the tokens array. */
        g_strfreev(tokens);