• François Grisez's avatar
    AuthDB: avoid giving empty password list to password cache · 6bf1df54
    François Grisez authored
    Giving an empty list to the password cache corrupts it by adding
    a user in the cache without password. Then, the next time
    AuthDb calls getCachedPassword() for the same user, VALID_PASS_FOUND
    is returned but there is no password returned by the out argument.
    This commit adds a protection in cachePassword() that throw an
    invalid_argument exception if the given password list is empty.
authdb.cc 10.2 KB