[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tpop3d-discuss] quick question
From: |
Chris Lightfoot |
Subject: |
Re: [tpop3d-discuss] quick question |
Date: |
Thu, 21 Jun 2001 23:50:14 +0100 |
User-agent: |
Mutt/1.2.5i |
On Thu, Jun 21, 2001 at 02:18:21PM -0700, Nancy Pettigrew (work) wrote:
> Hi -
>
> I need to modify the auth_mysql.c to suit different authentication tables,
> so I've been perusing the auth_mysql_new_user_pass function in auth_mysql.c.
> Just curious about 1 line of code right now, line 446:
> query = (char*)malloc(l = (sizeof(user_pass_query_template) +
> strlen(user) * 2 + 1 + 34));
> Just curious as to the origin of the * 2 + 1 + 34 in the malloc - why those
> numbers, specifically?
char user_pass_query_template[] =
"SELECT domain.path, popbox.mbox_name, popbox.password_hash,
domain.unix_user "
"FROM popbox, domain "
"WHERE popbox.local_part = '%s' "
"AND popbox.domain_name = '%s' "
"AND popbox.domain_name = domain.domain_name";
authcontext auth_mysql_new_user_pass(const char *user, const char *pass) {
/* ... */
query = (char*)malloc(l = (sizeof(user_pass_query_template) + strlen(user)
* 2 + 1 + 34));
sizeof(user_pass_query_template) -- obvious; the fixed
part of the query, plus the terminating \0;
strlen(user) * 2 -- enough space for the username, if
every character has to be escaped;
1 -- an extra byte (probably there in case I'd miscounted
a terminating \0 ;) )
34 -- an extra 34 bytes to make the computer feel good. In
previous versions, the select statement was like
SELECT ... WHERE local_part = '%s' AND password_hash = '%s' AND ...
because the only sort of password hash supported was a
straight MD5 hex hash; hence, another 32 byte + 2 * "'"
was needed for this bit of the query.
So, it wastes (but then frees) an extra 34 bytes for each
query. Well spotted :)
--
Chris Lightfoot -- www.ex-parrot.com/~chris/
``Do we really need two North Dakotas?
I mean, we already have South Dakota as an emergency spare.'' (Scott Adams)