MDEV-19604 WolfSSL breaks binlog_encryption.binlog_incident

Log_event_writer::encrypt_and_write() can pass NULL pointer as source buffer for the encryption. WolfSSL EVP_CipherUpdate(), rightfully rejects this as invalid parameter. Fix Log_event_writer::encrypt_and_write() and check, with assertion, that src parameterm is sane in MyCTX::update()

MDEV-19604 WolfSSL breaks binlog_encryption.binlog_incident
Log_event_writer::encrypt_and_write() can pass NULL pointer as source buffer for the encryption. WolfSSL EVP_CipherUpdate(), rightfully rejects this as invalid parameter. Fix Log_event_writer::encrypt_and_write() and check, with assertion, that src parameterm is sane in MyCTX::update()
7d3a759d · Vladislav Vaintroub · d80065c2 · 7d3a759d · 7d3a759d
Commit 7d3a759d authored May 27, 2019 by Vladislav Vaintroub
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 1 deletion

mysys_ssl/my_crypt.cc mysys_ssl/my_crypt.cc +1 -0

sql/log_event.cc sql/log_event.cc +4 -1

No files found.
--- a/mysys_ssl/my_crypt.cc
+++ b/mysys_ssl/my_crypt.cc
@@ -60,6 +60,7 @@ class MyCTX
  }
  virtual int update(const uchar *src, uint slen, uchar *dst, uint *dlen)
  {
+    DBUG_ASSERT(src);
    if (EVP_CipherUpdate(ctx, dst, (int*)dlen, src, slen) != 1)
      return MY_AES_OPENSSL_ERROR;
    return MY_AES_OK;

--- a/sql/log_event.cc
+++ b/sql/log_event.cc
@@ -1628,8 +1628,11 @@ int Log_event_writer::encrypt_and_write(const uchar *pos, size_t len)
      return 1;

    uint dstlen;
-    if (encryption_ctx_update(ctx, pos, (uint)len, dst, &dstlen))
+    if (len == 0)
+      dstlen= 0;
+    else if (encryption_ctx_update(ctx, pos, (uint)len, dst, &dstlen))
      goto err;
+
    if (maybe_write_event_len(dst, dstlen))
      return 1;
    pos= dst;