Actually return the value of the password field https://forum.virtualmin.com/t/mysql-root-password-leaks-to-users-during-backup/120096/5

2025-07-25 15:09:18 +00:00 · 2023-04-05 20:59:47 -07:00
parent c9c672a6a7
commit 31d69174fc
1 changed files with 1 additions and 1 deletions
--- a/mysql/mysql-lib.pl
+++ b/mysql/mysql-lib.pl
@ -742,7 +742,7 @@ if (&compare_version_numbers($mysql_version, "4.1") >= 0 && !$config{'nopwd'}) {
 		local @cf = &parse_mysql_config($cf);
 		local $client = &find("client", \@cf);
 		next if (!$client);
-		local $password = &find("password", $client->{'members'});
+		local $password = &find_value("password", $client->{'members'});
 		return 0 if ($password ne '' && $password ne $realpass);
 		}
 	return 1;