MonetDB: Sep2022 - Encode byte sequence in hashed password as UT...

Thu, 09 Feb 2023 05:13:18 -0800 

Changeset: e5f293bb8804 for MonetDB
URL: https://dev.monetdb.org/hg/MonetDB/rev/e5f293bb8804
Modified Files:
        monetdb5/mal/mal_authorize.c
Branch: Sep2022
Log Message:

Encode byte sequence in hashed password as UTF-8.
This means that if the vaultkey contains non-ASCII bytes, the string
that is saved in sys.db_user_info.password is still valid UTF-8.


diffs (56 lines):

diff --git a/monetdb5/mal/mal_authorize.c b/monetdb5/mal/mal_authorize.c
--- a/monetdb5/mal/mal_authorize.c
+++ b/monetdb5/mal/mal_authorize.c
@@ -446,7 +446,7 @@ AUTHdecypherValue(str *ret, const char *
        str r, w;
        const char *s = value;
        char t = '\0';
-       int escaped = 0;
+       bool escaped = false;
        /* we default to some garbage key, just to make password unreadable
         * (a space would only uppercase the password) */
        size_t keylen = 0;
@@ -462,12 +462,17 @@ AUTHdecypherValue(str *ret, const char *
        /* XOR all characters.  If we encounter a 'one' char after the XOR
         * operation, it is an escape, so replace it with the next char. */
        for (; (t = *s) != '\0'; s++) {
-               if (t == '\1' && escaped == 0) {
-                       escaped = 1;
+               if ((t & 0xE0) == 0xC0) {
+                       assert((t & 0x1E) == 0x02);
+                       assert((s[1] & 0xC0) == 0x80);
+                       t = ((t & 0x1F) << 6) | (*++s & 0x3F);
+               }
+               if (t == '\1' && !escaped) {
+                       escaped = true;
                        continue;
-               } else if (escaped != 0) {
+               } else if (escaped) {
                        t -= 1;
-                       escaped = 0;
+                       escaped = false;
                }
                *w = t ^ vaultKey[(w - r) % keylen];
                w++;
@@ -504,13 +509,18 @@ AUTHcypherValue(str *ret, const char *va
        /* XOR all characters.  If we encounter a 'zero' char after the XOR
         * operation, escape it with a 'one' char. */
        for (; *s != '\0'; s++) {
-               *w = *s ^ vaultKey[(s - value) % keylen];
-               if (*w == '\0') {
+               char c = *s ^ vaultKey[(s - value) % keylen];
+               if (c == '\0') {
                        *w++ = '\1';
                        *w = '\1';
-               } else if (*w == '\1') {
+               } else if (c == '\1') {
                        *w++ = '\1';
                        *w = '\2';
+               } else if (c & 0x80) {
+                       *w++ = 0xC0 | ((c >> 6) & 0x03);
+                       *w = 0x80 | (c & 0x3F);
+               } else {
+                       *w = c;
                }
                w++;
        }
_______________________________________________
checkin-list mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to