FIXED POTENTIAL BUFFER OVERFLOW IN STRING PARSING CODE.

mysql-useradm.c

@@ -1,5 +1,5 @@
 /*
- * @(#) $Header: /tmp/cvs/mysql-admutils/mysql-useradm.c,v 1.8 2003-04-07 16:21:50 lkarsten Exp $
+ * @(#) $Header: /tmp/cvs/mysql-admutils/mysql-useradm.c,v 1.9 2004-11-16 20:59:42 lkarsten Exp $
  *
  * mysql-useradm.c
  *
@@ -220,7 +220,6 @@ list(MYSQL *pmysql)
   return userlist;
 }
 
-
 int
 main(int argc, char *argv[])
 {
@@ -228,6 +227,7 @@ main(int argc, char *argv[])
   enum { c_create, c_delete, c_passwd, c_show } command;
   MYSQL mysql;
   char **dblist, **p;
+  char *user;
 
   program_name = argv[0];
 
@@ -285,31 +285,32 @@ main(int argc, char *argv[])
 	}
       free(dblist);
     }
-  else
+  else {
-    {
+    user = malloc(64);
     /* for each supplied database name, perform the requested action */
-      for (i = 2; i < argc; i++)
+
+    for (i = 2; i < argc; i++) {
+      strncpy(user, argv[i], 32);
+      user[33] = '\0';
+	  if (! (owner(user) || member(user)))
 	    {
-	  if (! (owner(argv[i]) || member(argv[i])))
+	      dberror(NULL, "You are not the owner of '%s'.  Skipping.", user);
-	    {
-	      dberror(NULL, "You are not the owner of '%s'.  Skipping.",
-		     argv[i]);
 	      continue;
 	    }
 
 	  switch (command)
 	    {
 	    case c_create:
-	      create(&mysql, argv[i]);
+	      create(&mysql, user);
 	      break;
 	    case c_delete:
-	      delete(&mysql, argv[i]);
+	      delete(&mysql, user);
 	      break;
 	    case c_passwd:
-	      passwd(&mysql, argv[i]);
+	      passwd(&mysql, user);
 	      break;
 	    case c_show:
-	      show(&mysql, argv[i]);
+	      show(&mysql, user);
 	      break;
 	    default:
 	      fprintf(stderr, "This point should never be reached.\n");