From 2b21fe3640f15e94ff5b81cf644a309a90c1632d Mon Sep 17 00:00:00 2001
From: Isaac Connor
Date: Wed, 16 Jan 2019 11:48:31 -0500
Subject: [PATCH] increase sql var size to MED to hold the largest possible sql string.
---
 src/zm_user.cpp | 39 ++++++++++++++++++++++-----------------
 1 file changed, 22 insertions(+), 17 deletions(-)
diff --git a/src/zm_user.cpp b/src/zm_user.cpp
index 86138b6ef..ab0aa2953 100644
--- a/src/zm_user.cpp
+++ b/src/zm_user.cpp
@@ -88,7 +88,7 @@ bool User::canAccess( int monitor_id ) {
 // Function to load a user from username and password
 // Please note that in auth relay mode = none, password is NULL
 User *zmLoadUser( const char *username, const char *password ) {
- char sql[ZM_SQL_SML_BUFSIZ] = "";
+ char sql[ZM_SQL_MED_BUFSIZ] = "";
 char safer_username[65]; // current db username size is 32
 // According to docs, size of safer_whatever must be 2*length+1 due to unicode conversions + null terminator.
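Review bot: Nothing checks that the query actually fits in `sql`: the buffer is enlarged to `ZM_SQL_MED_BUFSIZ` here, but the two `snprintf(sql, sizeof(sql), ...)` calls in the next hunk still discard their return value. If the fixed text or the escaped fields grow again, the statement is cut silently; it then either fails in `mysql_query` and reaches `exit()` or, depending on where the cut falls, may lose a trailing condition such as `Enabled = 1`. I would capture the result and fail closed, e.g. `int len = snprintf(sql, sizeof(sql), ...);` followed by `if ( len < 0 || (size_t)len >= sizeof(sql) ) { Error("SQL query truncated"); return NULL; }`. A comment on the declaration such as `// must hold the fixed query text plus the escaped username (64) and password (128)` would also record why MED is sufficient. zmLoadUser's body continues outside this hunk.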
@@ -97,35 +97,40 @@ User *zmLoadUser( const char *username, const char *password ) {
 if ( password ) {
 char safer_password[129]; // current db password size is 64
 mysql_real_escape_string(&dbconn, safer_password, password, strlen( password ) );
- snprintf( sql, sizeof(sql), "select Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Password = password('%s') and Enabled = 1", safer_username, safer_password );
+ snprintf(sql, sizeof(sql),
+ "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds"
+ " FROM Users WHERE Username = '%s' AND Password = password('%s') AND Enabled = 1",
+ safer_username, safer_password );
 } else {
- snprintf( sql, sizeof(sql), "select Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Enabled = 1", safer_username );
+ snprintf(sql, sizeof(sql),
+ "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds"
+ " FROM Users where Username = '%s' and Enabled = 1", safer_username );
 }
- if ( mysql_query( &dbconn, sql ) ) {
- Error( "Can't run query: %s", mysql_error( &dbconn ) );
- exit( mysql_errno( &dbconn ) );
+ if ( mysql_query(&dbconn, sql) ) {
+ Error("Can't run query: %s", mysql_error(&dbconn));
+ exit(mysql_errno(&dbconn));
 }
- MYSQL_RES *result = mysql_store_result( &dbconn );
+ MYSQL_RES *result = mysql_store_result(&dbconn);
 if ( !result ) {
- Error( "Can't use query result: %s", mysql_error( &dbconn ) );
- exit( mysql_errno( &dbconn ) );
+ Error("Can't use query result: %s", mysql_error(&dbconn));
+ exit(mysql_errno(&dbconn));
 }
- int n_users = mysql_num_rows( result );
+ int n_users = mysql_num_rows(result);
 if ( n_users != 1 ) {
- mysql_free_result( result );
- Warning( "Unable to authenticate user %s", username );
- return( 0 );
+ mysql_free_result(result);
+ Warning("Unable to authenticate user %s", username);
+ return NULL;
 }
- MYSQL_ROW dbrow = mysql_fetch_row( result );
+ MYSQL_ROW dbrow = mysql_fetch_row(result);
- User *user = new User( dbrow );
- Info( "Authenticated user '%s'", user->getUsername() );
+ User *user = new User(dbrow);
+ Info("Authenticated user '%s'", user->getUsername());
- mysql_free_result( result );
+ mysql_free_result(result);
 return user;
 }
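Review bot: The context line `mysql_real_escape_string(&dbconn, safer_password, password, strlen( password ) )` can write up to 2*strlen(password)+1 bytes into `safer_password[129]`, and nothing in this hunk limits `password` to 64 bytes, so a longer input overruns the stack buffer before the resized `sql` is even used. A guard ahead of the call such as `if ( strlen(password) > (sizeof(safer_password)-1)/2 ) { Warning("Password too long"); return NULL; }` would close that; callers may already bound the length, but that is not visible here. The username escape into `safer_username[65]` sits between the two hunks and presumably needs the same check. Separately, the rewritten query still passes the clear-text password to `password('%s')`, so it can end up in statement logs and depends on a function that MySQL 8.0 no longer provides. zmLoadUser begins above this hunk.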