Overview

File 62f7d288_port.patch of Package freeradius-server.14503

commit 62f7d2885ad02911f0ae71e7864d4805a489137b
Author: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date:   Wed Jul 5 13:07:31 2017 -0400

    FR-AD-003 - Pass correct statement length into sqlite3_prepare[_v2]

Index: freeradius-server-3.0.3/src/modules/rlm_sql/drivers/rlm_sql_sqlite/rlm_sql_sqlite.c
===================================================================
--- freeradius-server-3.0.3.orig/src/modules/rlm_sql/drivers/rlm_sql_sqlite/rlm_sql_sqlite.c
+++ freeradius-server-3.0.3/src/modules/rlm_sql/drivers/rlm_sql_sqlite/rlm_sql_sqlite.c
@@ -103,7 +103,7 @@ static int sql_loadfile(TALLOC_CTX *ctx,
 {
 	ssize_t len;
 	char *buffer;
-	char *p, *q, *s;
+	char *p, *q;
 	int cl;
 	FILE *f;
 	struct stat finfo;
@@ -191,19 +191,17 @@ static int sql_loadfile(TALLOC_CTX *ctx,
 	/*
 	 *	Statement delimiter is ;\n
 	 */
-	s = p = buffer;
+	p = buffer;
 	while ((q = strchr(p, ';'))) {
-		if (q[1] != '\n') {
+		if ((q[1] != '\n') && (q[1] != '\0')) {
 			p = q + 1;
 			continue;
 		}
 
-		*q = '\0';
-
 #ifdef HAVE_SQLITE3_PREPARE_V2
-		(void) sqlite3_prepare_v2(db, s, len, &statement, &z_tail);
+		(void) sqlite3_prepare_v2(db, p, q - p, &statement, &z_tail);
 #else
-		(void) sqlite3_prepare(db, s, len, &>statement, &z_tail);
+		(void) sqlite3_prepare(db, p, q - p, &>statement, &z_tail);
 #endif
 		if (sql_check_error(db)) {
 			talloc_free(buffer);
@@ -219,7 +217,7 @@ static int sql_loadfile(TALLOC_CTX *ctx,
 			return -1;
 		}
 
-		p = s = q + 1;
+		p = q + 1;
 	}
 
 	talloc_free(buffer);
openSUSE Build Service is sponsored by
Places