You are here: Home > Participate > Join a Discussion > Mailman Archives

revised patch for passwords > 8

  • To: db-beta@localhost
  • From: Reini Urban rurban@localhost
  • Date: Tue, 18 Feb 2003 13:34:20 +0100
  • Organization: inode.at

this one is better for hostnames > 16
forget the previous one.

but there's still another error somewhere in the ca module (loader/getvar)
--
Reini Urban - Programmer - http://inode.at
2003-02-18 13:32:17 r.urban@localhost
        Enables passwords longer than 8 chars. Otherwise the dbName is simply 
        overwritten, without any check.

--- ripe-dbase-3.1.1/modules/ca/ca_defs.h~      2002-06-04 11:32:36.000000000 
+0200
+++ ripe-dbase-3.1.1/modules/ca/ca_defs.h       2003-02-18 09:03:06.000000000 
+0100
@@ -158,7 +158,7 @@
                        char host[64];
                        int port;
                        char user[16];
-                       char password[9];
+                       char password[16];
                        char dbName[16];
                } ca_database_t;
 
@@ -175,8 +175,8 @@
                        char host[64];
                        int port;
                        char user[16];
-                       char password[9];
+                       char password[16];
                        char tableName[72];
                } ca_ripadmin_t;
 
--- ripe-dbase-3.1.1/modules/ca/ca_sourceLoader.c~      2002-02-19 
18:26:54.000000000 +0100
+++ ripe-dbase-3.1.1/modules/ca/ca_sourceLoader.c       2003-02-18 
10:35:26.000000000 +0100
@@ -545,7 +545,7 @@
         */
        while (currentPtr != NULL) {
                ca_database_t *dbPtr = currentPtr->data;
-               printf("\n%s,%d,%s,%s,%s\n", dbPtr->host, dbPtr->port, 
dbPtr->user, dbPtr->password, dbPtr->dbName);
+               printf("\n%s,%d,%s,%s, %s\n", dbPtr->host, dbPtr->port, 
dbPtr->user, dbPtr->password, dbPtr->dbName);
                currentPtr = currentPtr->next;
        }
 }
@@ -613,7 +613,12 @@
 #endif /* DEBUG */
 
        strcpy(varName, tokens[0]);
-       strcpy(dbComp, tokens[1]);
+       /* we should really check for the length of the token, otherwise 
+          it overwites the former struct member (passwords > 8 chars) */
+       if (strcmp(varName,"host") == 0)
+           strncpy(dbComp, tokens[1], 64);
+       else
+           strncpy(dbComp, tokens[1], 16);
 
        /* Free the memory used by the tokens array. */
        g_strfreev(tokens);