Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
MariaDB
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nexedi
MariaDB
Commits
cee7175b
Commit
cee7175b
authored
Sep 21, 2022
by
kurt
Committed by
Daniel Black
Oct 19, 2022
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
MDEV-25343 add read secret size in file key plugin
parent
64d85c36
Changes
5
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
33 additions
and
1 deletion
+33
-1
mysql-test/suite/encryption/r/filekeys_secret_too_long.result
...l-test/suite/encryption/r/filekeys_secret_too_long.result
+10
-0
mysql-test/suite/encryption/t/filekeys-data-too-long.key
mysql-test/suite/encryption/t/filekeys-data-too-long.key
+4
-0
mysql-test/suite/encryption/t/filekeys_secret_too_long.opt
mysql-test/suite/encryption/t/filekeys_secret_too_long.opt
+3
-0
mysql-test/suite/encryption/t/filekeys_secret_too_long.test
mysql-test/suite/encryption/t/filekeys_secret_too_long.test
+4
-0
plugin/file_key_management/parser.cc
plugin/file_key_management/parser.cc
+12
-1
No files found.
mysql-test/suite/encryption/r/filekeys_secret_too_long.result
0 → 100644
View file @
cee7175b
call mtr.add_suppression("the secret file has incorrect length");
call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
FOUND 1 /the secret file has incorrect length/ in mysqld.1.err
create table t1(c1 bigint not null, b char(200)) engine=innodb encrypted=yes encryption_key_id=1;
ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
select plugin_status from information_schema.plugins
where plugin_name = 'file_key_management';
plugin_status
# Test checks if opening an too large secret does not crash the server.
mysql-test/suite/encryption/t/filekeys-data-too-long.key
0 → 100644
View file @
cee7175b
secretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecret
secretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecret
secretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecret
mysql-test/suite/encryption/t/filekeys_secret_too_long.opt
0 → 100644
View file @
cee7175b
--loose-file-key-management-filekey=FILE:$MTR_SUITE_DIR/t/filekeys-data-too-long.key
--loose-file-key-management-filename=$MTR_SUITE_DIR/t/filekeys-data.enc
mysql-test/suite/encryption/t/filekeys_secret_too_long.test
0 → 100644
View file @
cee7175b
let
SEARCH_PATTERN
=
the
secret
file
has
incorrect
length
;
source
filekeys_badtest
.
inc
;
--
echo
# Test checks if opening an too large secret does not crash the server.
plugin/file_key_management/parser.cc
View file @
cee7175b
...
...
@@ -174,13 +174,24 @@ bool Parser::read_filekey(const char *filekey, char *secret)
return
1
;
}
int
len
=
read
(
f
,
secret
,
MAX_SECRET_SIZE
);
int
len
=
read
(
f
,
secret
,
MAX_SECRET_SIZE
+
1
);
if
(
len
<=
0
)
{
my_error
(
EE_READ
,
ME_ERROR_LOG
,
filekey
,
errno
);
close
(
f
);
return
1
;
}
if
(
len
>
MAX_SECRET_SIZE
)
{
my_printf_error
(
EE_READ
,
"Cannot decrypt %s, the secret file has incorrect length, "
"max secret size is %dB "
,
ME_ERROR_LOG
,
filekey
,
MAX_SECRET_SIZE
);
close
(
f
);
return
1
;
}
close
(
f
);
while
(
secret
[
len
-
1
]
==
'\r'
||
secret
[
len
-
1
]
==
'\n'
)
len
--
;
secret
[
len
]
=
'\0'
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment