mirror of
https://github.com/MariaDB/server.git
synced 2026-01-20 10:24:49 +01:00
When a client connects with the CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA capability and a password of 251 bytes or more, the server miscalculates the pointer to the database name, so the name is read from the wrong offset in the client's packet. For passwords >= 251 bytes, LENENC uses a 3-byte prefix (0xFC + 2 bytes), but the old code assumed a 1-byte prefix. Fix by using the passwd pointer, which has already been advanced past the length prefix by safe_net_field_length_ll(). Also fix the db pointer calculation for the old protocol (!CLIENT_SECURE_CONNECTION), where the password is null-terminated and needs +1 to skip the terminator.
#
# Setup
#
INSTALL PLUGIN IF NOT EXISTS cleartext_plugin_server SONAME '';
Warnings:
Note 1968 Plugin 'cleartext_plugin_server' already installed
CREATE DATABASE mdev38431_db;
#
# Test 1: Short password - baseline test
#
CREATE USER shortuser IDENTIFIED VIA cleartext_plugin_server USING 'secret';
GRANT ALL ON *.* TO shortuser;
db
mdev38431_db
#
# Test 2: Long password 260 bytes (triggers 3-byte LENENC)
# Before fix: ERROR 1044 Access denied to database 'X' (garbage char)
# After fix: Connects to mdev38431_db correctly
#
CREATE USER longuser IDENTIFIED VIA cleartext_plugin_server USING 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
GRANT ALL ON *.* TO longuser;
db
mdev38431_db
#
# Test 3: Even longer password 500 bytes
#
CREATE USER verylonguser IDENTIFIED VIA cleartext_plugin_server USING 'bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb';
GRANT ALL ON *.* TO verylonguser;
db
mdev38431_db
#
# Cleanup
#
DROP USER shortuser, longuser, verylonguser;
DROP DATABASE mdev38431_db;