summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--mysql-test/suite/encryption/r/filekeys_tooshort.result10
-rw-r--r--mysql-test/suite/encryption/t/filekeys-tooshort.enc1
-rw-r--r--mysql-test/suite/encryption/t/filekeys_tooshort.opt3
-rw-r--r--mysql-test/suite/encryption/t/filekeys_tooshort.test4
-rw-r--r--plugin/file_key_management/parser.cc2
5 files changed, 19 insertions, 1 deletions
diff --git a/mysql-test/suite/encryption/r/filekeys_tooshort.result b/mysql-test/suite/encryption/r/filekeys_tooshort.result
new file mode 100644
index 00000000000..efa66097563
--- /dev/null
+++ b/mysql-test/suite/encryption/r/filekeys_tooshort.result
@@ -0,0 +1,10 @@
+call mtr.add_suppression("Cannot decrypt .*tooshort.enc. Not encrypted");
+call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
+call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
+FOUND /Cannot decrypt .*tooshort.enc. Not encrypted/ in mysqld.1.err
+create table t1(c1 bigint not null, b char(200)) engine=innodb encrypted=yes encryption_key_id=1;
+ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
+select plugin_status from information_schema.plugins
+where plugin_name = 'file_key_management';
+plugin_status
+# Test checks if opening an too short filekeys does not crash the server.
diff --git a/mysql-test/suite/encryption/t/filekeys-tooshort.enc b/mysql-test/suite/encryption/t/filekeys-tooshort.enc
new file mode 100644
index 00000000000..9849236c7f4
--- /dev/null
+++ b/mysql-test/suite/encryption/t/filekeys-tooshort.enc
@@ -0,0 +1 @@
+Salted__ \ No newline at end of file
diff --git a/mysql-test/suite/encryption/t/filekeys_tooshort.opt b/mysql-test/suite/encryption/t/filekeys_tooshort.opt
new file mode 100644
index 00000000000..8999becc78d
--- /dev/null
+++ b/mysql-test/suite/encryption/t/filekeys_tooshort.opt
@@ -0,0 +1,3 @@
+--loose-file-key-management-filekey=secret
+--loose-file-key-management-filename=$MTR_SUITE_DIR/t/filekeys-tooshort.enc
+
diff --git a/mysql-test/suite/encryption/t/filekeys_tooshort.test b/mysql-test/suite/encryption/t/filekeys_tooshort.test
new file mode 100644
index 00000000000..b0e89675100
--- /dev/null
+++ b/mysql-test/suite/encryption/t/filekeys_tooshort.test
@@ -0,0 +1,4 @@
+let SEARCH_PATTERN=Cannot decrypt .*tooshort.enc. Not encrypted;
+source filekeys_badtest.inc;
+
+--echo # Test checks if opening an too short filekeys does not crash the server.
diff --git a/plugin/file_key_management/parser.cc b/plugin/file_key_management/parser.cc
index 628412bc171..294ccc9ff79 100644
--- a/plugin/file_key_management/parser.cc
+++ b/plugin/file_key_management/parser.cc
@@ -333,7 +333,7 @@ char* Parser::read_and_decrypt_file(const char *secret)
// Check for file encryption
uchar *decrypted;
- if (is_prefix((char*)buffer, OpenSSL_prefix))
+ if (file_size > OpenSSL_prefix_len && is_prefix((char*)buffer, OpenSSL_prefix))
{
uchar key[OpenSSL_key_len];
uchar iv[OpenSSL_iv_len];
View Lorry Controller Status