-
Type: Bug
-
Resolution: Done
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: Security
-
Labels:
-
Fully Compatible
-
ALL
First reported here: https://github.com/mongodb/mongo/pull/157
SSLManager::password_cb() is now in ssl_manager.cpp:
https://github.com/mongodb/mongo/blame/master/src/mongo/util/net/ssl_manager.cpp#L441-L446
int SSLManager::password_cb(char *buf,int num, int rwflag,void *userdata) { SSLManager* sm = static_cast<SSLManager*>(userdata); std::string pass = sm->_password; strcpy(buf,pass.c_str()); return(pass.size()); }
strcpy() bad!