diff options
| author | Alexander Barkov <alexander.barkov@oracle.com> | 2011-02-18 12:46:55 +0300 |
|---|---|---|
| committer | Alexander Barkov <alexander.barkov@oracle.com> | 2011-02-18 12:46:55 +0300 |
| commit | f4beb9294046ac368cfb66fc3270298a85dbdf4a (patch) | |
| tree | f186d667dd96739f271ddf7e93c7389f259051a8 /sql/sql_acl.cc | |
| parent | 0db53b19b78c01d820463d727b0e73e97c5cd802 (diff) | |
| download | mariadb-git-f4beb9294046ac368cfb66fc3270298a85dbdf4a.tar.gz | |
Bug#11765108 (Bug#58036) client utf32, utf16, ucs2 should be disallowed, they crash server
Problem: ucs2 was correctly disallowed in "SET NAMES" only,
while mysql_real_connect() and mysql_change_user() still allowed
to use ucs2, which made server crash.
Fix: disallow ucs2 in mysql_real_connect() and mysql_change_user().
@ sql/set_var.cc
Using new function.
@ sql/sql_acl.cc
- Return error if character set initialization failed
- Getting rid of pointer aliasing:
Initialize user_name to NULL, to avoid double free().
@ sql/sql_connect.cc
- in case of unsupported client character set send error and return true
- in case of success return false
@ sql/sql_connect.h
- changing return type for thd_init_client_charset() to bool,
to return errors to the caller
@ sql/sql_parse.h
- introducing a new function, to reuse in all places where we need
to check client character set.
@ tests/mysql_client_test.c
Adding test
Diffstat (limited to 'sql/sql_acl.cc')
| -rw-r--r-- | sql/sql_acl.cc | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 427e2eb7346..9c57b3c102d 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -7799,7 +7799,8 @@ public: Thd_charset_adapter(THD *thd_arg) : thd (thd_arg) {} bool init_client_charset(uint cs_number) { - thd_init_client_charset(thd, cs_number); + if (thd_init_client_charset(thd, cs_number)) + return true; thd->update_charset(); return thd->is_error(); } @@ -8929,9 +8930,8 @@ server_mpvio_initialize(THD *thd, MPVIO_EXT *mpvio, uint connect_errors, mpvio->auth_info.host_or_ip= thd->security_ctx->host_or_ip; mpvio->auth_info.host_or_ip_length= (unsigned int) strlen(thd->security_ctx->host_or_ip); - mpvio->auth_info.user_name= thd->security_ctx->user; - mpvio->auth_info.user_name_length= thd->security_ctx->user ? - (unsigned int) strlen(thd->security_ctx->user) : 0; + mpvio->auth_info.user_name= NULL; + mpvio->auth_info.user_name_length= 0; mpvio->connect_errors= connect_errors; mpvio->status= MPVIO_EXT::FAILURE; |