diff options
| -rw-r--r-- | sql/sql_connect.cc | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/sql/sql_connect.cc b/sql/sql_connect.cc index 7c1ba3856e8..26b7098e27c 100644 --- a/sql/sql_connect.cc +++ b/sql/sql_connect.cc @@ -837,9 +837,12 @@ static int check_connection(THD *thd) password both send '\0'. This strlen() can't be easily deleted without changing protocol. + + Cast *passwd to an unsigned char, so that it doesn't extend the sign for + *passwd > 127 and become 2**32-127+ after casting to uint. */ uint passwd_len= thd->client_capabilities & CLIENT_SECURE_CONNECTION ? - *passwd++ : strlen(passwd); + (uchar)(*passwd++) : strlen(passwd); db= thd->client_capabilities & CLIENT_CONNECT_WITH_DB ? db + passwd_len + 1 : 0; /* strlen() can't be easily deleted without changing protocol */ |