diff options
-rw-r--r-- | mysql-test/r/func_str.result | 37 | ||||
-rw-r--r-- | mysql-test/t/func_str.test | 36 | ||||
-rw-r--r-- | sql/item_strfunc.cc | 4 | ||||
-rw-r--r-- | sql/item_strfunc.h | 19 |
4 files changed, 90 insertions, 6 deletions
diff --git a/mysql-test/r/func_str.result b/mysql-test/r/func_str.result index 9a9b9f0d73d..ceaeb64fa01 100644 --- a/mysql-test/r/func_str.result +++ b/mysql-test/r/func_str.result @@ -4551,3 +4551,40 @@ id select_type table type possible_keys key key_len ref rows filtered Extra 1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used Warnings: Note 1003 select char(0xdf) AS `CHAR(0xDF)` +# +# MDEV-15619 using CONVERT() inside AES_ENCRYPT() in an UPDATE corrupts data +# +CREATE TABLE t1 ( +id int(11) NOT NULL, +session_id varchar(255) DEFAULT NULL, +directory mediumtext, +checksum int(10) DEFAULT NULL, +last_update datetime DEFAULT NULL, +PRIMARY KEY (id), +KEY lastupdate (last_update) +) DEFAULT CHARSET=latin1; +INSERT INTO t1 VALUES (1,'',NULL,38391,'2017-06-24 07:35:28'); +UPDATE t1 SET directory = AES_ENCRYPT(CONVERT('test stringrererejrjerjehrjekhrjkehrjkehrkjehrjkerhkjehrjekrhkjehrkjerhjkehrkjehrkjehrjkehrjkehrjkehrjkerjkehrjkehrjkehrjke rekjhrejrejhrjehgrehjgrhjerjhegrjherejhgrjhegrjehgrjhegrejhrgjehgrjhegrjhegrjhergjhegrjhegrhjegrjerhthkjjkdhjkgdfjkgjkdgdjkfjkhgjkfdhjgjkfdghkjdfghkjfdghfjkdghkdjfghdkjfghfjkdghfkjdghkjfdghfkjdghfkdjghfkjdghfdjkghjkdfhgdfjkghfjkdghfjkdghfjdkghfjkdghkfjdghfkjdghfkjdghkjdfghfjdkghjkfdghkjdfhgjkdfhgjkfdhgkjfdghkfjdhgkjfdgdjkejktjherjthkjrethkjrethjkerthjkerhtjkerhtkjerhtjkerhtjkerhtjkrehtkjerhtkjrehtjkrehtkjrehtkjerhtkjerhtjkrehtkjrehtjkrehtkjrethjkrethkjrehtkjethjkerhtjkrehtjkretkjerhtkjrehtjkerhtjkrehtjrehtkjrekjtrfgdsfgdhjsghjgfdhjsfhjdfgdhjshjdshjfghjdsfgjhsfgjhsdfgjhdsfgjdhsfgsjhfgjhsdfgsdjhfgjdhsfdjshfgdsjhfgjsdhfdjshfgdjhsfgdjshfgjdhsfgjhsdfgjhsdgfjhsdgfjhdsgfjhsgfjhsdgfjhdsgfhjsdehkjthrkjethjkre' USING latin1), '95F5A1F52A554'), last_update= NOW(); +SELECT directory IS NULL FROM t1; +directory IS NULL +0 +DROP TABLE t1; +CREATE TABLE t1 ( +id int(11) NOT NULL PRIMARY KEY, +directory mediumtext +) DEFAULT CHARSET=latin1; +INSERT INTO t1 VALUES (1,AES_ENCRYPT(CONVERT(REPEAT('a',800) USING latin1),'95F5A1F52A554')); +SELECT AES_DECRYPT(directory,'95F5A1F52A554') FROM t1; +AES_DECRYPT(directory,'95F5A1F52A554') +aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa +DROP TABLE t1; +SET @enc=AES_ENCRYPT(REPEAT(_latin1'a',800),'95F5A1F52A554'); +CREATE TABLE t1 ( +id int(11) NOT NULL PRIMARY KEY, +directory mediumtext +) DEFAULT CHARSET=latin1; +INSERT INTO t1 VALUES (1,AES_DECRYPT(CONVERT(@enc USING binary),'95F5A1F52A554')); +SELECT * FROM t1; +id directory +1 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa +DROP TABLE t1; diff --git a/mysql-test/t/func_str.test b/mysql-test/t/func_str.test index bdeca8d0d86..019d17518dd 100644 --- a/mysql-test/t/func_str.test +++ b/mysql-test/t/func_str.test @@ -1754,3 +1754,39 @@ EXECUTE stmt; EXPLAIN EXTENDED SELECT CHAR(0xDF USING latin1); EXPLAIN EXTENDED SELECT CHAR(0xDF USING `binary`); EXPLAIN EXTENDED SELECT CHAR(0xDF); + + +--echo # +--echo # MDEV-15619 using CONVERT() inside AES_ENCRYPT() in an UPDATE corrupts data +--echo # + +CREATE TABLE t1 ( + id int(11) NOT NULL, + session_id varchar(255) DEFAULT NULL, + directory mediumtext, + checksum int(10) DEFAULT NULL, + last_update datetime DEFAULT NULL, + PRIMARY KEY (id), + KEY lastupdate (last_update) +) DEFAULT CHARSET=latin1; +INSERT INTO t1 VALUES (1,'',NULL,38391,'2017-06-24 07:35:28'); +UPDATE t1 SET directory = AES_ENCRYPT(CONVERT('test stringrererejrjerjehrjekhrjkehrjkehrkjehrjkerhkjehrjekrhkjehrkjerhjkehrkjehrkjehrjkehrjkehrjkehrjkerjkehrjkehrjkehrjke rekjhrejrejhrjehgrehjgrhjerjhegrjherejhgrjhegrjehgrjhegrejhrgjehgrjhegrjhegrjhergjhegrjhegrhjegrjerhthkjjkdhjkgdfjkgjkdgdjkfjkhgjkfdhjgjkfdghkjdfghkjfdghfjkdghkdjfghdkjfghfjkdghfkjdghkjfdghfkjdghfkdjghfkjdghfdjkghjkdfhgdfjkghfjkdghfjkdghfjdkghfjkdghkfjdghfkjdghfkjdghkjdfghfjdkghjkfdghkjdfhgjkdfhgjkfdhgkjfdghkfjdhgkjfdgdjkejktjherjthkjrethkjrethjkerthjkerhtjkerhtkjerhtjkerhtjkerhtjkrehtkjerhtkjrehtjkrehtkjrehtkjerhtkjerhtjkrehtkjrehtjkrehtkjrethjkrethkjrehtkjethjkerhtjkrehtjkretkjerhtkjrehtjkerhtjkrehtjrehtkjrekjtrfgdsfgdhjsghjgfdhjsfhjdfgdhjshjdshjfghjdsfgjhsfgjhsdfgjhdsfgjdhsfgsjhfgjhsdfgsdjhfgjdhsfdjshfgdsjhfgjsdhfdjshfgdjhsfgdjshfgjdhsfgjhsdfgjhsdgfjhsdgfjhdsgfjhsgfjhsdgfjhdsgfhjsdehkjthrkjethjkre' USING latin1), '95F5A1F52A554'), last_update= NOW(); +SELECT directory IS NULL FROM t1; +DROP TABLE t1; + +CREATE TABLE t1 ( + id int(11) NOT NULL PRIMARY KEY, + directory mediumtext +) DEFAULT CHARSET=latin1; +INSERT INTO t1 VALUES (1,AES_ENCRYPT(CONVERT(REPEAT('a',800) USING latin1),'95F5A1F52A554')); +SELECT AES_DECRYPT(directory,'95F5A1F52A554') FROM t1; +DROP TABLE t1; + +SET @enc=AES_ENCRYPT(REPEAT(_latin1'a',800),'95F5A1F52A554'); +CREATE TABLE t1 ( + id int(11) NOT NULL PRIMARY KEY, + directory mediumtext +) DEFAULT CHARSET=latin1; +INSERT INTO t1 VALUES (1,AES_DECRYPT(CONVERT(@enc USING binary),'95F5A1F52A554')); +SELECT * FROM t1; +DROP TABLE t1; diff --git a/sql/item_strfunc.cc b/sql/item_strfunc.cc index 378f23f3109..e0bd3cc2195 100644 --- a/sql/item_strfunc.cc +++ b/sql/item_strfunc.cc @@ -379,7 +379,7 @@ String *Item_func_aes_encrypt::val_str(String *str2) DBUG_ASSERT(fixed == 1); char key_buff[80]; String tmp_key_value(key_buff, sizeof(key_buff), system_charset_info); - String *sptr= args[0]->val_str(&str_value); // String to encrypt + String *sptr= args[0]->val_str(&tmp_value); // String to encrypt String *key= args[1]->val_str(&tmp_key_value); // key int aes_length; if (sptr && key) // we need both arguments to be not NULL @@ -418,7 +418,7 @@ String *Item_func_aes_decrypt::val_str(String *str) String *sptr, *key; DBUG_ENTER("Item_func_aes_decrypt::val_str"); - sptr= args[0]->val_str(&str_value); // String to decrypt + sptr= args[0]->val_str(&tmp_value); // String to decrypt key= args[1]->val_str(&tmp_key_value); // Key if (sptr && key) // Need to have both arguments not NULL { diff --git a/sql/item_strfunc.h b/sql/item_strfunc.h index 12c348aa9fa..1213faeec5c 100644 --- a/sql/item_strfunc.h +++ b/sql/item_strfunc.h @@ -134,19 +134,30 @@ public: }; -class Item_func_aes_encrypt :public Item_str_func +class Item_aes_crypt :public Item_str_func +{ +protected: + String tmp_value; +public: + Item_aes_crypt(Item *a, Item *b) + :Item_str_func(a, b) {} +}; + +class Item_func_aes_encrypt :public Item_aes_crypt { public: - Item_func_aes_encrypt(Item *a, Item *b) :Item_str_func(a,b) {} + Item_func_aes_encrypt(Item *a, Item *b): + Item_aes_crypt(a, b) {} String *val_str(String *); void fix_length_and_dec(); const char *func_name() const { return "aes_encrypt"; } }; -class Item_func_aes_decrypt :public Item_str_func +class Item_func_aes_decrypt :public Item_aes_crypt { public: - Item_func_aes_decrypt(Item *a, Item *b) :Item_str_func(a,b) {} + Item_func_aes_decrypt(Item *a, Item *b): + Item_aes_crypt(a,b) {} String *val_str(String *); void fix_length_and_dec(); const char *func_name() const { return "aes_decrypt"; } |