MDEV-3915 COM_CHANGE_USER allows fast password brute-forcing

allow only three failed change_user per connection. successful change_user do NOT reset the counter tests/mysql_client_test.c: make --error to work for --change_user errors
author: Sergei Golubchik <sergii@pisem.net> 2013-01-25 00:17:39 +0100
committer: Sergei Golubchik <sergii@pisem.net> 2013-01-25 00:17:39 +0100
commit: bfc71e63a77972fa4ab934855b6ab712bea323a1 (patch)
tree: dee331666634538a0855e3f0a3674285b2978b10 /sql/sql_class.cc
parent: 8127e631de90dddc25b3cdffe59e147333eb6c74 (diff)
download: mariadb-git-bfc71e63a77972fa4ab934855b6ab712bea323a1.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/sql/sql_class.cc b/sql/sql_class.cc
index b7a37ae3f69..d44d28eaae2 100644
--- a/sql/sql_class.cc
+++ b/sql/sql_class.cc
@@ -675,6 +675,7 @@ THD::THD()
    stmt_depends_on_first_successful_insert_id_in_prev_stmt(FALSE),
    examined_row_count(0),
    global_read_lock(0),
+   failed_com_change_user(0),
    is_fatal_error(0),
    transaction_rollback_request(0),
    is_fatal_sub_stmt_error(0),
author	Sergei Golubchik <sergii@pisem.net>	2013-01-25 00:17:39 +0100
committer	Sergei Golubchik <sergii@pisem.net>	2013-01-25 00:17:39 +0100
commit	bfc71e63a77972fa4ab934855b6ab712bea323a1 (patch)
tree	dee331666634538a0855e3f0a3674285b2978b10 /sql/sql_class.cc
parent	8127e631de90dddc25b3cdffe59e147333eb6c74 (diff)
download	mariadb-git-bfc71e63a77972fa4ab934855b6ab712bea323a1.tar.gz