[MXS-202] User password not handled correctly Created: 2015-06-16 Updated: 2015-08-20 Resolved: 2015-07-07 |
|
| Status: | Closed |
| Project: | MariaDB MaxScale |
| Component/s: | Core |
| Affects Version/s: | 1.1.1 |
| Fix Version/s: | 1.3.0 |
| Type: | Bug | Priority: | Major |
| Reporter: | martin brampton (Inactive) | Assignee: | martin brampton (Inactive) |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Environment: |
All |
||
| Description |
|
Problems in the MySQL protocols cause some passwords (known example is "joomla1") to be disregarded causing authentication to fail, even though correct password is submitted. Caused by erroneous check, but further work is needed to remove any similar issues and check code. |
| Comments |
| Comment by martin brampton (Inactive) [ 2015-06-24 ] |
|
Changed incorrect use of test for null string into memory compare against 20 null bytes (unterminated) using memcmp. This does not give as good a gain in clarity as originally hoped for, but seems to resolve the outstanding bug. |
| Comment by martin brampton (Inactive) [ 2015-07-07 ] |
|
Passed to Markus for review |
| Comment by markus makela [ 2015-07-07 ] |
|
Review done. |