Commit 4e2a0c34 authored by Jan Lindström's avatar Jan Lindström

MDEV-10888: encryption.filekeys_emptyfile fails in buildbot with valgrind

Problem was that length of the filekeys file was not checked and if
length is less than OpenSSL_prefix_len uninitialized memory was
accessed.
parent d30809a3
call mtr.add_suppression("Cannot decrypt .*tooshort.enc. Not encrypted");
call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
FOUND /Cannot decrypt .*tooshort.enc. Not encrypted/ in mysqld.1.err
create table t1(c1 bigint not null, b char(200)) engine=innodb encrypted=yes encryption_key_id=1;
ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
select plugin_status from information_schema.plugins
where plugin_name = 'file_key_management';
plugin_status
# Test checks if opening an too short filekeys does not crash the server.
Salted__
\ No newline at end of file
--loose-file-key-management-filekey=secret
--loose-file-key-management-filename=$MTR_SUITE_DIR/t/filekeys-tooshort.enc
let SEARCH_PATTERN=Cannot decrypt .*tooshort.enc. Not encrypted;
source filekeys_badtest.inc;
--echo # Test checks if opening an too short filekeys does not crash the server.
...@@ -333,7 +333,7 @@ char* Parser::read_and_decrypt_file(const char *secret) ...@@ -333,7 +333,7 @@ char* Parser::read_and_decrypt_file(const char *secret)
// Check for file encryption // Check for file encryption
uchar *decrypted; uchar *decrypted;
if (is_prefix((char*)buffer, OpenSSL_prefix)) if (file_size > OpenSSL_prefix_len && is_prefix((char*)buffer, OpenSSL_prefix))
{ {
uchar key[OpenSSL_key_len]; uchar key[OpenSSL_key_len];
uchar iv[OpenSSL_iv_len]; uchar iv[OpenSSL_iv_len];
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment