[packages/mysql.git] / mysql-CVE-2012-2122.patch

--- mysql-5.5.21.orig/sql/password.c	2012-01-31 12:28:14.000000000 +0100
+++ mysql-5.5.21/sql/password.c	2012-06-11 18:33:31.712820746 +0200
@@ -531,7 +531,7 @@
   mysql_sha1_reset(&sha1_context);
   mysql_sha1_input(&sha1_context, buf, SHA1_HASH_SIZE);
   mysql_sha1_result(&sha1_context, hash_stage2_reassured);
-  return memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE);
+  return test(memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE));
 }
Commit	Line	Data
a5c997ca AO	1	--- mysql-5.5.21.orig/sql/password.c 2012-01-31 12:28:14.000000000 +0100
	2	+++ mysql-5.5.21/sql/password.c 2012-06-11 18:33:31.712820746 +0200
	3	@@ -531,7 +531,7 @@
	4	mysql_sha1_reset(&sha1_context);
	5	mysql_sha1_input(&sha1_context, buf, SHA1_HASH_SIZE);
	6	mysql_sha1_result(&sha1_context, hash_stage2_reassured);
	7	- return memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE);
	8	+ return test(memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE));
	9	}
	10
	11