mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-16 03:52:35 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDEV-25343 add read secret size in file key plugin

Browse source
This commit is contained in:
kurt 2022-09-21 11:29:07 +08:00 committed by Daniel Black
parent 64d85c369b
commit cee7175b79
5 changed files with 33 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
mysql-test/suite/encryption/r/filekeys_secret_too_long.result Normal file
View file

@ -0,0 +1,10 @@
call mtr.add_suppression("the secret file has incorrect length");
call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
FOUND 1 /the secret file has incorrect length/ in mysqld.1.err
create table t1(c1 bigint not null, b char(200)) engine=innodb encrypted=yes encryption_key_id=1;
ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
select plugin_status from information_schema.plugins
where plugin_name = 'file_key_management';
plugin_status
# Test checks if opening an too large secret does not crash the server.

4
mysql-test/suite/encryption/t/filekeys-data-too-long.key Normal file
View file

@ -0,0 +1,4 @@
secretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecret
secretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecret
secretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecret

3
mysql-test/suite/encryption/t/filekeys_secret_too_long.opt Normal file
View file

@ -0,0 +1,3 @@
--loose-file-key-management-filekey=FILE:$MTR_SUITE_DIR/t/filekeys-data-too-long.key
--loose-file-key-management-filename=$MTR_SUITE_DIR/t/filekeys-data.enc

4
mysql-test/suite/encryption/t/filekeys_secret_too_long.test Normal file
View file

@ -0,0 +1,4 @@
let SEARCH_PATTERN=the secret file has incorrect length;
source filekeys_badtest.inc;
--echo # Test checks if opening an too large secret does not crash the server.

13
plugin/file_key_management/parser.cc
View file

@ -174,13 +174,24 @@ bool Parser::read_filekey(const char *filekey, char *secret)
return 1;
}
int len= read(f, secret, MAX_SECRET_SIZE);
int len= read(f, secret, MAX_SECRET_SIZE + 1);
if (len <= 0)
{
my_error(EE_READ,ME_ERROR_LOG, filekey, errno);
close(f);
return 1;
}
if (len > MAX_SECRET_SIZE)
{
my_printf_error(EE_READ,
"Cannot decrypt %s, the secret file has incorrect length, "
"max secret size is %dB ",
ME_ERROR_LOG, filekey, MAX_SECRET_SIZE);
close(f);
return 1;
}
close(f);
while (secret[len - 1] == '\r' || secret[len - 1] == '\n') len--;
secret[len]= '\0';