8 May
2012
8 May
'12
11:53 a.m.
Sylvain Munaut <246tnt(a)gmail.com> wrote:
Hi,
Here's the faulty code :
if (ainfo->a3a8_ki_len > sizeof(ainfo->a3a8_ki))
ainfo->a3a8_ki_len = sizeof(ainfo->a3a8_ki_len);
So it's only executed if the current value is too big, which shouldn't
happen if the DB field content is correct. This might be related to
manually fiddling with the binary value without using the DBI escape
method.
Cheers,
Sylvain
There is
indeed a bug. But it's only in the "exception" processing, so
in a normal case that shouldn't have prevented auth. (and since we use
auth at the camp and 27c3, I can guarantee it works in the normal case
:)
I'm sorry, i don't see why this is only an exceptional case, but ok.