diff options
| author | Marko Mäkelä <marko.makela@mariadb.com> | 2018-03-20 18:36:03 +0200 |
|---|---|---|
| committer | Marko Mäkelä <marko.makela@mariadb.com> | 2018-03-20 18:36:03 +0200 |
| commit | 04921000594dcbdf23340850b9284fd30ccdb0fd (patch) | |
| tree | 94a14b06efc781d8ddd12b5a9276c533c12a5868 | |
| parent | e3dd9a95e50ef2019435b01bd9e161d552673a28 (diff) | |
| parent | 69bc3c1976ebcbe116890d9d26305fd2887ed47c (diff) | |
| download | mariadb-git-04921000594dcbdf23340850b9284fd30ccdb0fd.tar.gz | |
Merge 5.5 into 10.0
| -rw-r--r-- | extra/yassl/src/handshake.cpp | 10 | ||||
| -rw-r--r-- | include/my_valgrind.h | 2 | ||||
| -rw-r--r-- | storage/innobase/mem/mem0mem.cc | 5 | ||||
| -rw-r--r-- | storage/xtradb/mem/mem0mem.cc | 5 |
4 files changed, 22 insertions, 0 deletions
diff --git a/extra/yassl/src/handshake.cpp b/extra/yassl/src/handshake.cpp index 407e4092ccc..6e181a997bd 100644 --- a/extra/yassl/src/handshake.cpp +++ b/extra/yassl/src/handshake.cpp @@ -788,6 +788,16 @@ int DoProcessReply(SSL& ssl) needHdr = true; else { buffer >> hdr; + /* + According to RFC 4346 (see "7.4.1.3. Server Hello"), the Server Hello + packet needs to specify the highest supported TLS version, but not + higher than what client requests. YaSSL highest supported version is + TLSv1.1 (=3.2) - if the client requests a higher version, downgrade it + here to 3.2. + See also Appendix E of RFC 5246 (TLS 1.2) + */ + if (hdr.version_.major_ == 3 && hdr.version_.minor_ > 2) + hdr.version_.minor_ = 2; ssl.verifyState(hdr); } diff --git a/include/my_valgrind.h b/include/my_valgrind.h index 983dce8e75a..5d08a271d4a 100644 --- a/include/my_valgrind.h +++ b/include/my_valgrind.h @@ -35,6 +35,8 @@ # define MEM_CHECK_DEFINED(a,len) VALGRIND_CHECK_MEM_IS_DEFINED(a,len) #elif defined(__SANITIZE_ADDRESS__) # include <sanitizer/asan_interface.h> +/* How to do manual poisoning: +https://github.com/google/sanitizers/wiki/AddressSanitizerManualPoisoning */ # define MEM_UNDEFINED(a,len) ASAN_UNPOISON_MEMORY_REGION(a,len) # define MEM_NOACCESS(a,len) ASAN_POISON_MEMORY_REGION(a,len) # define MEM_CHECK_ADDRESSABLE(a,len) ((void) 0) diff --git a/storage/innobase/mem/mem0mem.cc b/storage/innobase/mem/mem0mem.cc index b9f190509ee..f91126697fc 100644 --- a/storage/innobase/mem/mem0mem.cc +++ b/storage/innobase/mem/mem0mem.cc @@ -406,6 +406,11 @@ mem_heap_create_block_func( heap->total_size += len; } + /* Poison all available memory. Individual chunks will be unpoisoned on + every mem_heap_alloc() call. */ + compile_time_assert(MEM_BLOCK_HEADER_SIZE >= sizeof *block); + UNIV_MEM_FREE(block + 1, len - sizeof *block); + ut_ad((ulint)MEM_BLOCK_HEADER_SIZE < len); return(block); diff --git a/storage/xtradb/mem/mem0mem.cc b/storage/xtradb/mem/mem0mem.cc index b9f190509ee..f91126697fc 100644 --- a/storage/xtradb/mem/mem0mem.cc +++ b/storage/xtradb/mem/mem0mem.cc @@ -406,6 +406,11 @@ mem_heap_create_block_func( heap->total_size += len; } + /* Poison all available memory. Individual chunks will be unpoisoned on + every mem_heap_alloc() call. */ + compile_time_assert(MEM_BLOCK_HEADER_SIZE >= sizeof *block); + UNIV_MEM_FREE(block + 1, len - sizeof *block); + ut_ad((ulint)MEM_BLOCK_HEADER_SIZE < len); return(block); |