File: 93_SECURITY_CVE-2007-3780.dpatch

package info (click to toggle)
mysql-dfsg-5.0 5.0.32-7etch12
  • links: PTS
  • area: main
  • in suites: etch
  • size: 89,332 kB
  • ctags: 94,781
  • sloc: cpp: 436,297; ansic: 409,141; sh: 40,574; tcl: 30,484; perl: 27,872; yacc: 8,236; makefile: 5,532; java: 4,610; xml: 3,914; pascal: 3,462; sql: 2,673; awk: 1,338; asm: 1,061; sed: 772
file content (20 lines) | stat: -rw-r--r-- 808 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
 
#! /bin/sh /usr/share/dpatch/dpatch-run
## 91_CVE-2007-3780.dpatch by Jamie Strandboge <jamie@ubuntu.com>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: fix for CVE-2007-3780

@DPATCH@

diff -Nru mysql-dfsg-5.0-5.0.38.orig/sql/sql_parse.cc mysql-dfsg-5.0-5.0.38/sql/sql_parse.cc
--- mysql-dfsg-5.0-5.0.38.orig/sql/sql_parse.cc	2007-10-02 10:27:41.000000000 -0400
+++ mysql-dfsg-5.0-5.0.38/sql/sql_parse.cc	2007-10-02 10:30:39.000000000 -0400
@@ -1008,7 +1008,7 @@
     password both send '\0'.
   */
   uint passwd_len= thd->client_capabilities & CLIENT_SECURE_CONNECTION ?
-    *passwd++ : strlen(passwd);
+    (uchar) (*passwd++) : strlen(passwd);
   db= thd->client_capabilities & CLIENT_CONNECT_WITH_DB ?
     db + passwd_len + 1 : 0;
   uint db_len= db ? strlen(db) : 0;