Fossil

Check-in [3782276d]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix to the previous fix: install function to the correct database.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | dmitry-security
Files: files | file ages | folders
SHA1:3782276da6a9c5b2e7df4af41e183298b0e44d91
User & Date: dmitry 2011-09-29 21:06:24
Context
2011-09-30
09:41
Catch zero length early in blob_constant_time_eq(). check-in: e3d022df user: dmitry tags: dmitry-security
2011-09-29
21:06
Fix to the previous fix: install function to the correct database. check-in: 3782276d user: dmitry tags: dmitry-security
21:04
Fix login groups. check-in: 6f29649e user: dmitry tags: dmitry-security
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/login.c.

508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
       zCode
  );
  if( zOtherRepo==0 ) return 0;  /* No such peer repository */

  rc = sqlite3_open(zOtherRepo, &pOther);
  if( rc==SQLITE_OK ){
    sqlite3_create_function(pOther,"now",0,SQLITE_ANY,0,db_now_function,0,0);
    sqlite3_create_function(g.db, "constant_time_eq", 2, SQLITE_UTF8, 0,
		  constant_time_eq_function, 0, 0);
    sqlite3_busy_timeout(pOther, 5000);
    zSQL = mprintf(
      "SELECT cexpire FROM user"
      " WHERE login=%Q"
      "   AND ipaddr=%Q"
      "   AND length(cap)>0"







|







508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
       zCode
  );
  if( zOtherRepo==0 ) return 0;  /* No such peer repository */

  rc = sqlite3_open(zOtherRepo, &pOther);
  if( rc==SQLITE_OK ){
    sqlite3_create_function(pOther,"now",0,SQLITE_ANY,0,db_now_function,0,0);
    sqlite3_create_function(pOther, "constant_time_eq", 2, SQLITE_UTF8, 0,
		  constant_time_eq_function, 0, 0);
    sqlite3_busy_timeout(pOther, 5000);
    zSQL = mprintf(
      "SELECT cexpire FROM user"
      " WHERE login=%Q"
      "   AND ipaddr=%Q"
      "   AND length(cap)>0"