author | Vladislav Vaintroub <wlad@mariadb.com> | 2019-05-27 17:41:55 +0200 |
---|---|---|
committer | Vladislav Vaintroub <wlad@mariadb.com> | 2019-05-27 17:48:15 +0200 |
commit | 7d3a759d42f92894820b6eeb6a0e798a5a57c464 (patch) | |
tree | 4c165cf1d180a538cf0d1b4ee666b45c9d416110 | |
parent | d80065c2e41a314389e00c17dfd5f1c0be1e8b38 (diff) | |
download | mariadb-git-7d3a759d42f92894820b6eeb6a0e798a5a57c464.tar.gz |
MDEV-19604 WolfSSL breaks binlog_encryption.binlog_incident
Log_event_writer::encrypt_and_write() can pass a NULL pointer as the source buffer
for the encryption. WolfSSL EVP_CipherUpdate() rightfully rejects this
as an invalid parameter.
Fix Log_event_writer::encrypt_and_write() and check, with an assertion,
that the src parameter is sane in MyCTX::update()
-rw-r--r-- | mysys_ssl/my_crypt.cc | 1 | ||||
-rw-r--r-- | sql/log_event.cc | 5 |
2 files changed, 5 insertions, 1 deletions
diff --git a/mysys_ssl/my_crypt.cc b/mysys_ssl/my_crypt.cc index e83c949f21e..383cec07ddd 100644 --- a/mysys_ssl/my_crypt.cc +++ b/mysys_ssl/my_crypt.cc @@ -60,6 +60,7 @@ public: } virtual int update(const uchar *src, uint slen, uchar *dst, uint *dlen) { + DBUG_ASSERT(src); if (EVP_CipherUpdate(ctx, dst, (int*)dlen, src, slen) != 1) return MY_AES_OPENSSL_ERROR; return MY_AES_OK; diff --git a/sql/log_event.cc b/sql/log_event.cc index d303f345949..f25ebd56792 100644 --- a/sql/log_event.cc +++ b/sql/log_event.cc @@ -1628,8 +1628,11 @@ int Log_event_writer::encrypt_and_write(const uchar *pos, size_t len) return 1; uint dstlen; - if (encryption_ctx_update(ctx, pos, (uint)len, dst, &dstlen)) + if (len == 0) + dstlen= 0; + else if (encryption_ctx_update(ctx, pos, (uint)len, dst, &dstlen)) goto err; + if (maybe_write_event_len(dst, dstlen)) return 1; pos= dst; |
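Review bot: `DBUG_ASSERT(src);` at the top of `MyCTX::update()` exists only in debug builds, so in a release build a NULL `src` is still handed to `EVP_CipherUpdate()` and the result depends on which TLS library is linked. Because this is the shared wrapper, the empty-input case could be handled here too, with `if (!slen) { *dlen= 0; return MY_AES_OK; }` placed ahead of the assert; that should match what the cipher call reports for zero bytes and would cover callers other than the one fixed in sql/log_event.cc. The enclosing class starts and ends outside the hunk, so any overrides of `update()` cannot be checked from here.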
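Review bot: The new `if (len == 0)` branch in `Log_event_writer::encrypt_and_write()` has no comment saying why the cipher call is skipped, and it tests the length although the failure named in the commit message is a NULL `pos`. A comment such as `/* Nothing to encrypt; pos may be NULL and EVP_CipherUpdate() can reject a NULL source */` would stop the branch from being simplified away later, and `DBUG_ASSERT(pos || !len);` just before it would record the assumption that NULL only arrives with zero length. Separately, `(uint)len` on the `else if` line narrows a `size_t`; the cast predates this change, but an assert that `len` fits in `uint` would make the truncation impossible rather than assumed. The function body starts and ends outside the hunk.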