Commit ed2d0035 authored by Georgi Kodinov's avatar Georgi Kodinov

merged bug 35087 to 5.1-bugteam

parents bf2e29d3 08044795
select des_encrypt('hello');
des_encrypt('hello')
€Ö2nV“Ø}
#
# Bug #11643: des_encrypt() causes server to die
#
CREATE TABLE t1 (des VARBINARY(200) NOT NULL DEFAULT '') ENGINE=MyISAM;
INSERT INTO t1 VALUES ('1234'), ('12345'), ('123456'), ('1234567');
UPDATE t1 SET des=DES_ENCRYPT('1234');
SELECT LENGTH(des) FROM t1;
LENGTH(des)
9
9
9
9
SELECT DES_DECRYPT(des) FROM t1;
DES_DECRYPT(des)
1234
1234
1234
1234
SELECT
LENGTH(DES_ENCRYPT('1234')),
LENGTH(DES_ENCRYPT('12345')),
LENGTH(DES_ENCRYPT('123456')),
LENGTH(DES_ENCRYPT('1234567'));
LENGTH(DES_ENCRYPT('1234')) LENGTH(DES_ENCRYPT('12345')) LENGTH(DES_ENCRYPT('123456')) LENGTH(DES_ENCRYPT('1234567'))
9 9 9 9
SELECT
DES_DECRYPT(DES_ENCRYPT('1234')),
DES_DECRYPT(DES_ENCRYPT('12345')),
DES_DECRYPT(DES_ENCRYPT('123456')),
DES_DECRYPT(DES_ENCRYPT('1234567'));
DES_DECRYPT(DES_ENCRYPT('1234')) DES_DECRYPT(DES_ENCRYPT('12345')) DES_DECRYPT(DES_ENCRYPT('123456')) DES_DECRYPT(DES_ENCRYPT('1234567'))
1234 12345 123456 1234567
DROP TABLE t1;
End of 5.0 tests
......@@ -9,3 +9,31 @@
select des_encrypt('hello');
# End of 4.1 tests
--echo #
--echo # Bug #11643: des_encrypt() causes server to die
--echo #
CREATE TABLE t1 (des VARBINARY(200) NOT NULL DEFAULT '') ENGINE=MyISAM;
INSERT INTO t1 VALUES ('1234'), ('12345'), ('123456'), ('1234567');
UPDATE t1 SET des=DES_ENCRYPT('1234');
SELECT LENGTH(des) FROM t1;
SELECT DES_DECRYPT(des) FROM t1;
SELECT
LENGTH(DES_ENCRYPT('1234')),
LENGTH(DES_ENCRYPT('12345')),
LENGTH(DES_ENCRYPT('123456')),
LENGTH(DES_ENCRYPT('1234567'));
SELECT
DES_DECRYPT(DES_ENCRYPT('1234')),
DES_DECRYPT(DES_ENCRYPT('12345')),
DES_DECRYPT(DES_ENCRYPT('123456')),
DES_DECRYPT(DES_ENCRYPT('1234567'));
DROP TABLE t1;
--Echo End of 5.0 tests
......@@ -504,17 +504,21 @@ String *Item_func_des_encrypt::val_str(String *str)
string marking change of string length.
*/
tail= (8-(res_length) % 8); // 1..8 marking extra length
tail= 8 - (res_length % 8); // 1..8 marking extra length
res_length+=tail;
tmp_arg.realloc(res_length);
tmp_arg.length(0);
tmp_arg.append(res->ptr(), res->length());
code= ER_OUT_OF_RESOURCES;
if (tail && res->append(append_str, tail) || tmp_value.alloc(res_length+1))
if (tmp_arg.append(append_str, tail) || tmp_value.alloc(res_length+1))
goto error;
(*res)[res_length-1]=tail; // save extra length
tmp_arg[res_length-1]=tail; // save extra length
tmp_value.realloc(res_length+1);
tmp_value.length(res_length+1);
tmp_value[0]=(char) (128 | key_number);
// Real encryption
bzero((char*) &ivec,sizeof(ivec));
DES_ede3_cbc_encrypt((const uchar*) (res->ptr()),
DES_ede3_cbc_encrypt((const uchar*) (tmp_arg.ptr()),
(uchar*) (tmp_value.ptr()+1),
res_length,
&keyschedule.ks1,
......
......@@ -293,13 +293,17 @@ class Item_func_old_password :public Item_str_func
class Item_func_des_encrypt :public Item_str_func
{
String tmp_value;
String tmp_value,tmp_arg;
public:
Item_func_des_encrypt(Item *a) :Item_str_func(a) {}
Item_func_des_encrypt(Item *a, Item *b): Item_str_func(a,b) {}
String *val_str(String *);
void fix_length_and_dec()
{ maybe_null=1; max_length = args[0]->max_length+8; }
{
maybe_null=1;
/* 9 = MAX ((8- (arg_len % 8)) + 1) */
max_length = args[0]->max_length + 9;
}
const char *func_name() const { return "des_encrypt"; }
};
......@@ -310,7 +314,12 @@ class Item_func_des_decrypt :public Item_str_func
Item_func_des_decrypt(Item *a) :Item_str_func(a) {}
Item_func_des_decrypt(Item *a, Item *b): Item_str_func(a,b) {}
String *val_str(String *);
void fix_length_and_dec() { maybe_null=1; max_length = args[0]->max_length; }
void fix_length_and_dec()
{
maybe_null=1;
/* 9 = MAX ((8- (arg_len % 8)) + 1) */
max_length = args[0]->max_length - 9;
}
const char *func_name() const { return "des_decrypt"; }
};
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment