patch: fix sql plugin crash
Alexey Melnikov
alexey.melnikov at isode.com
Tue Oct 28 15:32:24 EDT 2008
Maxim Gorbachyov wrote:
>Hello.
>There is a bug in the sql plugin of the cyrus-sasl library.
>First, description. Here is relevant piece from my config:
>
>pwcheck_method: auxprop
>auxprop_plugin: sql
>sql_engine: sqlite
>sql_database: my.db
>sql_select: SELECT pwd FROM users WHERE login = '%u'
>sql_verbose: yes
>
>I get SEGFAULTs when user with unknown login attempts to authorise.
>I've found that sql_auxprop_lookup() uses 'value' and (most important)
>'value_len' without previous initialization. Sqlite backend does not
>change value_len if nothing was read from db. So we get
>utils->prop_set() accessing random memory.
>
>Proposed patch (see attachment) initializes 'value' and 'value_len'
>with zeroes. It works for me.
>
>
This looks reasonable.
However, I am wondering if the following line:
+ memset(value, 0, sizeof(value));
can be replaced with:
+ value[0] = '\0';
Can you test?
Also, please add this to bugzilla, if you haven't yet.
More information about the Cyrus-devel
mailing list