[dovecot-cvs] dovecot/src/auth auth-request.c, 1.45, 1.46 auth-stream.c, 1.1, 1.2 passdb-ldap.c, 1.42, 1.43 passdb-sql.c, 1.26, 1.27 userdb-ldap.c, 1.39, 1.40 userdb-sql.c, 1.13, 1.14 userdb-static.c, 1.17, 1.18

Tue Feb 14 19:43:08 EET 2006

Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv28016/auth

Modified Files:
	auth-request.c auth-stream.c passdb-ldap.c passdb-sql.c 
	userdb-ldap.c userdb-sql.c userdb-static.c 
Log Message:
Check that we don't pass around key=value pairs with empty keys.



Index: auth-request.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request.c,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -d -r1.45 -r1.46

--- auth-request.c	22 Jan 2006 11:33:27 -0000	1.45
+++ auth-request.c	14 Feb 2006 17:43:04 -0000	1.46
@@ -515,6 +515,7 @@
 			    const char *name, const char *value,
 			    const char *default_scheme)
 {
+	i_assert(*name != '\0');
 	i_assert(value != NULL);
 
 	if (strcmp(name, "password") == 0) {

Index: auth-stream.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-stream.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- auth-stream.c	8 Aug 2005 09:20:16 -0000	1.1
+++ auth-stream.c	14 Feb 2006 17:43:04 -0000	1.2
@@ -25,6 +25,7 @@
 	if (str_len(reply->str) > 0)
 		str_append_c(reply->str, '\t');
 	if (key != NULL) {
+		i_assert(*key != '\0');
 		i_assert(strchr(key, '\t') == NULL &&
 			 strchr(key, '\n') == NULL);
 

Index: passdb-ldap.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb-ldap.c,v
retrieving revision 1.42
retrieving revision 1.43
diff -u -d -r1.42 -r1.43
--- passdb-ldap.c	22 Jan 2006 11:33:27 -0000	1.42
+++ passdb-ldap.c	14 Feb 2006 17:43:04 -0000	1.43
@@ -59,7 +59,7 @@
 				    name != NULL ? name : "?unknown?");
 		}
 
-		if (name != NULL && vals != NULL) {
+		if (name != NULL && vals != NULL && *name != '\0') {
 			for (i = 0; vals[i] != NULL; i++) {
 				if (debug != NULL) {
 					if (i != 0)

Index: passdb-sql.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb-sql.c,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -d -r1.26 -r1.27
--- passdb-sql.c	22 Jan 2006 11:33:27 -0000	1.26
+++ passdb-sql.c	14 Feb 2006 17:43:04 -0000	1.27
@@ -43,7 +43,7 @@
 		name = sql_result_get_field_name(result, i);
 		value = sql_result_get_field_value(result, i);
 
-		if (value != NULL) {
+		if (*name != '\0' && value != NULL) {
 			auth_request_set_field(auth_request, name, value,
 				module->conn->set.default_pass_scheme);
 		}

Index: userdb-ldap.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/userdb-ldap.c,v
retrieving revision 1.39
retrieving revision 1.40
diff -u -d -r1.39 -r1.40
--- userdb-ldap.c	14 Jan 2006 18:47:20 -0000	1.39
+++ userdb-ldap.c	14 Feb 2006 17:43:04 -0000	1.40
@@ -93,7 +93,7 @@
 						     name, vals)) 
 					return NULL;
 				seen_gid = TRUE;
-			} else {
+			} else if (*name != '\0') {
 				for (i = 0; vals[i] != NULL; i++) {
 					auth_stream_reply_add(reply, name,
 							      vals[i]);

Index: userdb-sql.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/userdb-sql.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- userdb-sql.c	14 Jan 2006 18:47:20 -0000	1.13
+++ userdb-sql.c	14 Feb 2006 17:43:04 -0000	1.14
@@ -60,7 +60,8 @@
 			value = dec2str(gid);
 		}
 
-		auth_stream_reply_add(reply, name, value);
+		if (*name != '\0')
+			auth_stream_reply_add(reply, name, value);
 	}
 
 	if (uid == (uid_t)-1) {

Index: userdb-static.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/userdb-static.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -d -r1.17 -r1.18
--- userdb-static.c	16 Oct 2005 14:34:39 -0000	1.17
+++ userdb-static.c	14 Feb 2006 17:43:04 -0000	1.18
@@ -94,6 +94,8 @@
 					value);
 			}
 			value = dec2str(gid);
+		} else if (*key == '\0') {
+			i_fatal("Status userdb: Empty key (=%s)", value);
 		}
 		key = p_strdup(auth_userdb->auth->pool, key);
 		value = p_strdup(auth_userdb->auth->pool, value);

