From 8827eb83259015ad5965e9b7456200129daad175 Mon Sep 17 00:00:00 2001
From: Sergei Golubchik <serg@mariadb.org>
Date: Thu, 14 May 2015 10:35:30 +0200
Subject: MDEV-8162 func_str crashes on SELECT AES_DECRYPT(AES_ENCRYPT(...)) on
 line 107

encrypting 0 byte string *is* possible
---
 mysys_ssl/my_crypt.cc | 47 ++++++++++++++++++++++++-----------------------
 1 file changed, 24 insertions(+), 23 deletions(-)

(limited to 'mysys_ssl')

diff --git a/mysys_ssl/my_crypt.cc b/mysys_ssl/my_crypt.cc
index 0c977eb94bf..b95879a3012 100644
--- a/mysys_ssl/my_crypt.cc
+++ b/mysys_ssl/my_crypt.cc
@@ -71,8 +71,6 @@ static int block_crypt(CipherMode cipher, Dir dir,
 {
   int tail= source_length % MY_AES_BLOCK_SIZE;
 
-  DBUG_ASSERT(source_length);
-
   if (likely(source_length >= MY_AES_BLOCK_SIZE || !no_padding))
   {
 #ifdef HAVE_YASSL
@@ -139,28 +137,31 @@ static int block_crypt(CipherMode cipher, Dir dir,
 #endif
   }
 
-  if (no_padding && tail)
+  if (no_padding)
   {
-    /*
-      Not much we can do, block ciphers cannot encrypt data that aren't
-      a multiple of the block length. At least not without padding.
-      Let's do something CTR-like for the last partial block.
-    */
-
-    uchar mask[MY_AES_BLOCK_SIZE];
-    uint mlen;
-
-    DBUG_ASSERT(iv_length >= sizeof(mask));
-    my_aes_encrypt_ecb(iv, sizeof(mask), mask, &mlen,
-                       key, key_length, 0, 0, 1);
-    DBUG_ASSERT(mlen == sizeof(mask));
-
-    const uchar *s= source + source_length - tail;
-    const uchar *e= source + source_length;
-    uchar *d= dest + source_length - tail;
-    const uchar *m= mask;
-    while (s < e)
-      *d++ = *s++ ^ *m++;
+    if (tail)
+    {
+      /*
+        Not much we can do, block ciphers cannot encrypt data that aren't
+        a multiple of the block length. At least not without padding.
+        Let's do something CTR-like for the last partial block.
+      */
+
+      uchar mask[MY_AES_BLOCK_SIZE];
+      uint mlen;
+
+      DBUG_ASSERT(iv_length >= sizeof(mask));
+      my_aes_encrypt_ecb(iv, sizeof(mask), mask, &mlen,
+                         key, key_length, 0, 0, 1);
+      DBUG_ASSERT(mlen == sizeof(mask));
+
+      const uchar *s= source + source_length - tail;
+      const uchar *e= source + source_length;
+      uchar *d= dest + source_length - tail;
+      const uchar *m= mask;
+      while (s < e)
+        *d++ = *s++ ^ *m++;
+    }
     *dest_length= source_length;
   }
 
-- 
cgit v1.2.1