authorNikita Popov <nikita.ppv@gmail.com>2020-01-24 14:55:00 +0100
committerNikita Popov <nikita.ppv@gmail.com>2020-01-24 14:55:00 +0100
commitdc6ede092f98a7d0c8a11ed5b642bd33d5441f59 (patch)
treef813de310e0dc466319f573484d4b6e7c7fb2059 /ext/mysqlnd/mysqlnd_auth.c
parentc8eceba2c75b75b9723627e0a68d23b639897940 (diff)
parentbb5cdd9b7469b37ceef0627100a415ead68f0030 (diff)
Merge branch 'PHP-7.4'
* PHP-7.4: Fixed bug #79011 Fix memory leaks in mysqlnd debug functionality
Diffstat (limited to 'ext/mysqlnd/mysqlnd_auth.c')
-rw-r--r--ext/mysqlnd/mysqlnd_auth.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/ext/mysqlnd/mysqlnd_auth.c b/ext/mysqlnd/mysqlnd_auth.c
index 5ed82b01a0..8702ef1c57 100644
--- a/ext/mysqlnd/mysqlnd_auth.c
+++ b/ext/mysqlnd/mysqlnd_auth.c
@@ -913,6 +913,12 @@ mysqlnd_caching_sha2_get_auth_data(struct st_mysqlnd_authentication_plugin * sel
DBG_INF_FMT("salt(%d)=[%.*s]", auth_plugin_data_len, auth_plugin_data_len, auth_plugin_data);
*auth_data_len = 0;
+ if (auth_plugin_data_len < SCRAMBLE_LENGTH) {
+ SET_CLIENT_ERROR(conn->error_info, CR_MALFORMED_PACKET, UNKNOWN_SQLSTATE, "The server sent wrong length for scramble");
+ DBG_ERR_FMT("The server sent wrong length for scramble %u. Expected %u", auth_plugin_data_len, SCRAMBLE_LENGTH);
+ DBG_RETURN(NULL);
+ }
+
DBG_INF("First auth step: send hashed password");
/* copy scrambled pass*/
if (passwd && passwd_len) {
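Review bot: The guard `if (auth_plugin_data_len < SCRAMBLE_LENGTH)` is the only length validation visible in this diff, yet the second hunk makes `mysqlnd_xor_string` in `mysqlnd_caching_sha2_get_and_use_key` consume a fixed `SCRAMBLE_LENGTH` bytes of `auth_plugin_data` regardless of `auth_plugin_data_len`. Whether that function is always reached after this check is not visible here; if it is not, a short server-supplied scramble would be read past its end. Repeating the guard there, or at least adding a comment such as `/* auth_plugin_data_len >= SCRAMBLE_LENGTH is enforced in mysqlnd_caching_sha2_get_auth_data() */`, would make the dependency explicit. Separately, `DBG_ERR_FMT` prints `auth_plugin_data_len` with `%u` while the context line above uses `%d`; the specifier should match the parameter's declared type, which lies outside the hunk, as do the start and end of this function.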
@@ -1020,7 +1026,7 @@ mysqlnd_caching_sha2_get_and_use_key(MYSQLND_CONN_DATA *conn,
char xor_str[passwd_len + 1];
memcpy(xor_str, passwd, passwd_len);
xor_str[passwd_len] = '\0';
- mysqlnd_xor_string(xor_str, passwd_len, (char *) auth_plugin_data, auth_plugin_data_len);
+ mysqlnd_xor_string(xor_str, passwd_len, (char *) auth_plugin_data, SCRAMBLE_LENGTH);
server_public_key_len = RSA_size(server_public_key);
/*