[JDEV] [Fwd: [INFO] bug or perhaps undesirable legacy code in jabberd 1.42]
Justin Kirby
justin at openaether.org
Tue Jul 15 01:27:48 CDT 2003
Great catch, forwarding this off to jdev list. Someone there should be
able to take care of this.
Justin
-----Forwarded Message-----
> From: Eli Burke <eburke at lore.net>
> To: info at jabber.org
> Subject: [INFO] bug or perhaps undesirable legacy code in jabberd 1.42
> Date: 07 Jul 2003 16:57:57 -0400
>
> Hey.. I think I found a bug in v 1.42 of jabberd. I'm not 100% sure this
> is the right place to
> send this bug report, but it was mentioned in the developer FAQ.
>
> line 124 of jsm/modules/mod_auth_0k.c
>
> if((xdb = xdb_get(m->si->xc, m->user->id, NS_AUTH_0K)) == NULL)
> {
> /* if there's no password or we can't set our own vars, we're
> doomed for failure */
> if(mod_auth_0k_reset(m,m->user->id,m->user->pass));
> return M_PASS;
> xdb = xdb_get(m->si->xc, m->user->id, NS_AUTH_0K);
> }
>
>
> Since the line "
> if(mod_auth_0k_reset(m,m->user->id,m->user->pass));"
> ends in a semi-colon, its evaluation is not used to determine whether or
> not
> "return M_PASS;" is called.
>
> In other words, the 2nd call to xdb_get is never called.
>
> -Eli
More information about the JDev
mailing list