patch: fix sql plugin crash
Maxim Gorbachyov
maxim.gorbachyov at gmail.com
Tue Oct 28 09:37:22 EDT 2008
Hello.
There is a bug in the sql plugin of the cyrus-sasl library.
First, a description. Here is the relevant piece from my config:
pwcheck_method: auxprop
auxprop_plugin: sql
sql_engine: sqlite
sql_database: my.db
sql_select: SELECT pwd FROM users WHERE login = '%u'
sql_verbose: yes
I get SEGFAULTs when a user with an unknown login attempts to authorise.
I've found that sql_auxprop_lookup() uses 'value' and (most important)
'value_len' without previous initialization. The SQLite backend does not
change value_len if nothing was read from the db. So we get
utils->prop_set() accessing random memory.
Proposed patch (see attachment) initializes 'value' and 'value_len'
with zeroes. It works for me.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sql-plugin-fix-crash-on-unknown-user
Type: application/octet-stream
Size: 577 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/cyrus-devel/attachments/20081028/a5505d02/attachment.obj
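The failure mode described in the message, as an added example that is not part of the original post or of the cyrus-sasl source: a backend that writes its out-parameters only when a row is read, and a caller that zero-initializes them and checks for "no row" before using the length. The names backend_exec, lookup_password and USERS are hypothetical, and the sample data is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample data standing in for the users table. */
struct row { const char *login, *pwd; };
static const struct row USERS[] = { { "alice", "s3cret" } };

/* Model (assumption) of a backend query: as the message says of the SQLite
 * backend, the out-parameters are written only when a row is read. */
static int backend_exec(const char *login, const char **value, size_t *value_len)
{
    for (size_t i = 0; i < sizeof USERS / sizeof USERS[0]; i++) {
        if (strcmp(USERS[i].login, login) == 0) {
            *value = USERS[i].pwd;
            *value_len = strlen(USERS[i].pwd);
        }
    }
    return 0; /* query succeeded; with zero rows the outputs are untouched */
}

/* Returns 0 = found, 1 = unknown login, -1 = error. */
static int lookup_password(const char *login, char *out, size_t outsz)
{
    const char *value = NULL; /* zero-initialized, as the proposed patch does */
    size_t value_len = 0;

    if (backend_exec(login, &value, &value_len) != 0)
        return -1;
    if (value == NULL)
        return 1;             /* no row: do not touch value_len bytes */
    if (value_len >= outsz)
        return -1;            /* never copy past the caller's buffer */
    memcpy(out, value, value_len);
    out[value_len] = '\0';
    return 0;
}

int main(void)
{
    char buf[16];
    printf("alice   -> %d\n", lookup_password("alice", buf, sizeof buf));
    printf("mallory -> %d\n", lookup_password("mallory", buf, sizeof buf));
    return 0;
}
```

Without the two initializers, the unknown-login path would hand an indeterminate pointer and length to whatever consumes them next, which is the crash the message reports.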