diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2011-08-04 16:13:21 +0300 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2011-08-04 16:13:21 +0300 |
commit | eb851fbc9fec91c1bd095500d3e9b24829ee53cc (patch) | |
tree | d3ce5083c0dcfbe8c643fdc6809436f1856cb9be /libmu_auth | |
parent | 6060ab1110b1a1c27c1f88e22581a50b3930bf4b (diff) | |
download | mailutils-eb851fbc9fec91c1bd095500d3e9b24829ee53cc.tar.gz mailutils-eb851fbc9fec91c1bd095500d3e9b24829ee53cc.tar.bz2 |
Various bugfixes.
* libmailutils/base/assoc.c (first): Set index to max value
if tab is NULL to indicate immediate end of iteration.
* libmu_auth/sql.c (mu_auth_sql_by_name)
(mu_auth_sql_by_uid): Check the return from mu_sql_num_tuples.
(mu_sql_getpass): Check the number of returned tuples.
Return failure if returned a NULL password.
* libmu_scm/mu_message.c (string_sloppy_member): Remove.
(mu-message-get-header-fields): Use scm_member instead of
string_sloppy_member.
* sql/postgres.c (chop): Handle NULL argument.
Diffstat (limited to 'libmu_auth')
-rw-r--r-- | libmu_auth/sql.c | 53 |
1 files changed, 49 insertions, 4 deletions
diff --git a/libmu_auth/sql.c b/libmu_auth/sql.c index ddf1e1271..4bd2e5534 100644 --- a/libmu_auth/sql.c +++ b/libmu_auth/sql.c @@ -392,7 +392,17 @@ mu_auth_sql_by_name (struct mu_auth_data **return_data, return MU_ERR_FAILURE; } - mu_sql_num_tuples (conn, &n); + status = mu_sql_num_tuples (conn, &n); + if (status) + { + mu_error (_("cannot get number of tuples: %s"), + (status == MU_ERR_SQL) ? mu_sql_strerror (conn) : + mu_strerror (status)); + mu_sql_release_result (conn); + mu_sql_connection_destroy (&conn); + return MU_ERR_FAILURE; + } + if (n == 0) rc = MU_ERR_AUTH_FAILURE; else @@ -476,7 +486,16 @@ mu_auth_sql_by_uid (struct mu_auth_data **return_data, return MU_ERR_FAILURE; } - mu_sql_num_tuples (conn, &n); + status = mu_sql_num_tuples (conn, &n); + if (status) + { + mu_error (_("cannot get number of tuples: %s"), + (status == MU_ERR_SQL) ? mu_sql_strerror (conn) : + mu_strerror (status)); + mu_sql_release_result (conn); + mu_sql_connection_destroy (&conn); + return MU_ERR_FAILURE; + } if (n == 0) rc = MU_ERR_AUTH_FAILURE; @@ -497,7 +516,8 @@ mu_sql_getpass (const char *username, char **passwd) char *query_str; int status; char *sql_pass; - + size_t nt; + query_str = mu_sql_expand_query (mu_sql_module_config.getpass_query, username); if (!query_str) @@ -540,7 +560,7 @@ mu_sql_getpass (const char *username, char **passwd) mu_sql_connection_destroy (&conn); return MU_ERR_FAILURE; } - + status = mu_sql_store_result (conn); if (status) @@ -552,6 +572,23 @@ mu_sql_getpass (const char *username, char **passwd) return MU_ERR_FAILURE; } + status = mu_sql_num_tuples (conn, &nt); + if (status) + { + mu_error (_("cannot get number of tuples: %s"), + (status == MU_ERR_SQL) ? mu_sql_strerror (conn) : + mu_strerror (status)); + mu_sql_release_result (conn); + mu_sql_connection_destroy (&conn); + return MU_ERR_FAILURE; + } + if (nt == 0) + { + mu_sql_release_result (conn); + mu_sql_connection_destroy (&conn); + return MU_ERR_FAILURE; + } + status = mu_sql_get_column (conn, 0, 0, &sql_pass); if (status) { @@ -563,6 +600,14 @@ mu_sql_getpass (const char *username, char **passwd) return MU_ERR_FAILURE; } + if (!sql_pass) + { + mu_error (_("SQL returned NULL password")); + mu_sql_release_result (conn); + mu_sql_connection_destroy (&conn); + return MU_ERR_FAILURE; + } + *passwd = strdup (sql_pass); mu_sql_disconnect (conn); |