diff options
| author | Michael Widenius <monty@askmonty.org> | 2011-12-11 11:34:44 +0200 |
|---|---|---|
| committer | Michael Widenius <monty@askmonty.org> | 2011-12-11 11:34:44 +0200 |
| commit | 6d4224a31c9d32c8f8067a4f7d16daa29bcdee6b (patch) | |
| tree | 79e3143528495069ad232f673532573b30afe425 /sql/sql_acl.cc | |
| parent | 3e2cb35e11cb5ee6668d538a62a3b32e017944a5 (diff) | |
| parent | 701c0f822abe4ee9eeafd244fa30dc2fcf067b81 (diff) | |
| download | mariadb-git-6d4224a31c9d32c8f8067a4f7d16daa29bcdee6b.tar.gz | |
Merge with 5.2.
no_error handling for select (used by INSERT ... SELECT) still needs to be fixed, but I will do that in a separate commit
Diffstat (limited to 'sql/sql_acl.cc')
| -rw-r--r-- | sql/sql_acl.cc | 24 |
1 files changed, 16 insertions, 8 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index ae286878cea..1c31e331965 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -1979,13 +1979,12 @@ static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo, */ else if (!password_len && no_auto_create) { - my_error(ER_PASSWORD_NO_MATCH, MYF(0), combo.user.str, combo.host.str); + my_error(ER_PASSWORD_NO_MATCH, MYF(0)); goto end; } else if (!can_create_user) { - my_error(ER_CANT_CREATE_USER_WITH_GRANT, MYF(0), - thd->security_ctx->user, thd->security_ctx->host_or_ip); + my_error(ER_CANT_CREATE_USER_WITH_GRANT, MYF(0)); goto end; } else if (combo.plugin.str[0]) @@ -7483,13 +7482,21 @@ static ulong parse_client_handshake_packet(MPVIO_EXT *mpvio, if (pkt_len < MIN_HANDSHAKE_SIZE) return packet_error; + /* + Protocol buffer is guaranteed to always end with \0. (see my_net_read()) + As the code below depends on this, lets check that. + */ + DBUG_ASSERT(net->read_pos[pkt_len] == 0); + if (mpvio->connect_errors) reset_host_errors(&net->vio->remote.sin_addr); ulong client_capabilities= uint2korr(net->read_pos); if (client_capabilities & CLIENT_PROTOCOL_41) { - client_capabilities|= ((ulonglong) uint2korr(net->read_pos+2)) << 16; + if (pkt_len < 32) + return packet_error; + client_capabilities|= ((ulong) uint2korr(net->read_pos+2)) << 16; thd->max_client_packet_length= uint4korr(net->read_pos+4); DBUG_PRINT("info", ("client_character_set: %d", (uint) net->read_pos[8])); if (thd_init_client_charset(thd, (uint) net->read_pos[8])) @@ -7499,6 +7506,8 @@ static ulong parse_client_handshake_packet(MPVIO_EXT *mpvio, } else { + if (pkt_len < 5) + return packet_error; thd->max_client_packet_length= uint3korr(net->read_pos+2); end= (char*) net->read_pos+5; } @@ -7843,8 +7852,7 @@ err: if (mpvio->status == MPVIO_EXT::FAILURE && !mpvio->thd->is_error()) { inc_host_errors(&mpvio->thd->net.vio->remote.sin_addr); - my_error(ER_HANDSHAKE_ERROR, MYF(0), - mpvio->thd->security_ctx->host_or_ip); + my_error(ER_HANDSHAKE_ERROR, MYF(0)); } return -1; } @@ -8313,7 +8321,7 @@ static int native_password_authenticate(MYSQL_PLUGIN_VIO *vio, CR_ERROR : CR_OK; inc_host_errors(&mpvio->thd->net.vio->remote.sin_addr); - my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.host_or_ip); + my_error(ER_HANDSHAKE_ERROR, MYF(0)); return CR_ERROR; } @@ -8365,7 +8373,7 @@ static int old_password_authenticate(MYSQL_PLUGIN_VIO *vio, (ulong *)mpvio->acl_user->salt) ? CR_ERROR : CR_OK; inc_host_errors(&mpvio->thd->net.vio->remote.sin_addr); - my_error(ER_HANDSHAKE_ERROR, MYF(0), thd->main_security_ctx.host_or_ip); + my_error(ER_HANDSHAKE_ERROR, MYF(0)); return CR_ERROR; } |