From 6341c93d7791814ab0cee6758bd2fefda44778cd Mon Sep 17 00:00:00 2001
From: "serg@serg.mylan" <>
Date: Tue, 1 Jun 2004 23:58:33 +0200
Subject: [PATCH] check_scramble_323 shuold ensure that the scramble has the correct length
---
 sql/password.c | 2 ++
 sql/sql_acl.cc | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/sql/password.c b/sql/password.c
index 49f149969c9..0ac91346a55 100644
--- a/sql/password.c
+++ b/sql/password.c
@@ -218,6 +218,8 @@ check_scramble_323(const char *scrambled, const char *message,
 to=buff;
 for (pos=scrambled ; *pos ; pos++)
 *to++=(char) (floor(my_rnd(&rand_st)*31)+64);
+ if (pos-scrambled != SCRAMBLE_LENGTH_323)
+ return 1;
 extra=(char) (floor(my_rnd(&rand_st)*31));
 to=buff;
 while (*scrambled)
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 25ff4c5676b..d5427536370 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -629,8 +629,8 @@ int acl_getroot(THD *thd, USER_RESOURCES *mqh,
 if (passwd_len == acl_user_tmp->salt_len)
 {
 if (acl_user_tmp->salt_len == 0 ||
- acl_user_tmp->salt_len == SCRAMBLE_LENGTH &&
- check_scramble(passwd, thd->scramble, acl_user_tmp->salt) == 0 ||
+ (acl_user_tmp->salt_len == SCRAMBLE_LENGTH &&
+ check_scramble(passwd, thd->scramble, acl_user_tmp->salt) == 0) ||
 check_scramble_323(passwd, thd->scramble,
 (ulong *) acl_user_tmp->salt) == 0)
 {
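Review bot: In sql/password.c the added length check sits after the `for` loop, which has already stored one byte into `buff` for every non-NUL byte of `scrambled`, so an over-long scramble is rejected only after those writes have happened. `buff` is declared outside this hunk, so its size is not visible here; assuming it is a local array sized for SCRAMBLE_LENGTH_323, the loop itself should be bounded, e.g. `for (pos=scrambled ; *pos && to < buff+sizeof(buff) ; pos++)`, with the new check kept after it. The loop also relies on `scrambled` being NUL-terminated, and the caller in sql/sql_acl.cc passes `passwd` here; a short comment stating that contract (`/* scrambled must be NUL-terminated; its length is verified below */`) would make the dependency explicit. The body of check_scramble_323 starts and ends outside the hunk.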
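Review bot: In sql/sql_acl.cc the `check_scramble_323` arm of the condition still has no `salt_len` guard, so it is evaluated whenever the first two arms fail, including when `salt_len == SCRAMBLE_LENGTH` and `check_scramble` has just rejected the reply. The added parentheses do not change evaluation order, so the old-format check still receives a new-format `passwd` and a `salt` cast to `ulong *`, and only the length test added in password.c rejects it. If old-format accounts store `salt_len == SCRAMBLE_LENGTH_323` (not visible in this hunk), guarding the arm the same way as the one above it would keep the mismatch out of the callee: `(acl_user_tmp->salt_len == SCRAMBLE_LENGTH_323 && check_scramble_323(passwd, thd->scramble, (ulong *) acl_user_tmp->salt) == 0)`. acl_getroot continues outside the hunk.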