Commit c26f1fd5 authored by Georgi Kodinov's avatar Georgi Kodinov

Bug #59453: Non-ASCIIZ string kills protocol extensibility in MySQL 5.5

When the server sends the name of the plugin it's using in the handshake 
packet it was null terminating it in it's buffer, but was sending a length of 
the packet 1 byte short.
Fixed to send the terminating 0 as well by increasing the length of the 
packet to include it. 
In this way the handshake packet becomes similar to the change user packet
where the plugin name is null terminated.
No test suite added as the fix can only be observed by analyzing the bytes
sent over the wire.
parent 9c44e83b
...@@ -8014,7 +8014,7 @@ static bool send_server_handshake_packet(MPVIO_EXT *mpvio, ...@@ -8014,7 +8014,7 @@ static bool send_server_handshake_packet(MPVIO_EXT *mpvio,
end= strmake(end, plugin_name(mpvio->plugin)->str, end= strmake(end, plugin_name(mpvio->plugin)->str,
plugin_name(mpvio->plugin)->length); plugin_name(mpvio->plugin)->length);
int res= my_net_write(mpvio->net, (uchar*) buff, (size_t) (end - buff)) || int res= my_net_write(mpvio->net, (uchar*) buff, (size_t) (end - buff + 1)) ||
net_flush(mpvio->net); net_flush(mpvio->net);
my_afree(buff); my_afree(buff);
DBUG_RETURN (res); DBUG_RETURN (res);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment