openbsd-ports/databases/mysql/patches/patch-sql_password_c
ajacoutot 15d74a765d SECURITY patches for bugs #64884 and #59387.
-> fixes a nasty issue where one could get access using any password by
   repeating connection attempts

from Brad (maintainer)
2012-05-04 07:57:17 +00:00


$OpenBSD: patch-sql_password_c,v 1.1 2012/05/04 07:57:18 ajacoutot Exp $
Fix for security issue. Bug #64884.
--- sql/password.c.orig Thu May 3 16:26:33 2012
+++ sql/password.c Thu May 3 16:27:59 2012
@@ -531,7 +531,7 @@ check_scramble(const char *scramble_arg, const char *m
mysql_sha1_reset(&sha1_context);
mysql_sha1_input(&sha1_context, buf, SHA1_HASH_SIZE);
mysql_sha1_result(&sha1_context, hash_stage2_reassured);
- return memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE);
+ return test(memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE));
}
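Review bot: The new return line normalises memcmp()'s result through `test()`, but nothing at that line says why and the macro's definition is not visible here, so a later cleanup could drop it as redundant. memcmp() may return any non-zero int, and if check_scramble's return type is narrower than int (inferred, since the signature is cut off in the hunk header and the body starts outside the hunk), a non-zero result whose low byte is zero would be narrowed to 0 and reported as a match. I would add `/* memcmp() may return any non-zero int; collapse to 0/1 before the result is narrowed */` above the return, or spell the intent without the macro: `return memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE) != 0;`. Separately, memcmp() can return at the first differing byte, and a constant-time comparison is the usual choice for authentication digests.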