From ebe194954088cccd8e80b97a86b4e5602ddfca13 Mon Sep 17 00:00:00 2001
From: Georg Richter <georg@mariadb.com>
Date: Thu, 22 Feb 2024 09:03:51 +0100
Subject: [PATCH] Fix for CONC-505:

Don't allow to specify unsupported client flags (like
CLIENT_DEPRECATE_EOF) as client flag in mysql_real_connect
api function.
---
 include/errmsg.h                 |  3 ++-
 include/mariadb_com.h            |  8 +++++++-
 libmariadb/ma_errmsg.c           |  1 +
 libmariadb/mariadb_lib.c         |  8 ++++++++
 unittest/libmariadb/connection.c | 26 ++++++++++++++++++++++++++
 5 files changed, 44 insertions(+), 2 deletions(-)

diff --git a/include/errmsg.h b/include/errmsg.h
index 4afe8e8a..f22db164 100644
--- a/include/errmsg.h
+++ b/include/errmsg.h
@@ -114,10 +114,11 @@ extern const char *mariadb_client_errors[];	/* Error messages */
 #define CR_BINLOG_ERROR 5021
 #define CR_BINLOG_INVALID_FILE 5022
 #define CR_BINLOG_SEMI_SYNC_ERROR 5023
+#define CR_INVALID_CLIENT_FLAG 5024
 
 /* Always last, if you add new error codes please update the
    value for CR_MARIADB_LAST_ERROR */
-#define CR_MARIADB_LAST_ERROR CR_BINLOG_INVALID_FILE
+#define CR_MARIADB_LAST_ERROR CR_INVALID_CLIENT_FLAG
 
 #endif
 
diff --git a/include/mariadb_com.h b/include/mariadb_com.h
index 67461b4f..9ffdacd3 100644
--- a/include/mariadb_com.h
+++ b/include/mariadb_com.h
@@ -205,11 +205,17 @@ enum enum_server_command
                                  CLIENT_MULTI_STATEMENTS |\
                                  CLIENT_MULTI_RESULTS |\
                                  CLIENT_PROGRESS |\
-		                 CLIENT_SSL_VERIFY_SERVER_CERT |\
+                                 CLIENT_SSL_VERIFY_SERVER_CERT |\
                                  CLIENT_REMEMBER_OPTIONS |\
                                  CLIENT_PLUGIN_AUTH |\
                                  CLIENT_SESSION_TRACKING |\
                                  CLIENT_CONNECT_ATTRS)
+#define CLIENT_ALLOWED_FLAGS     ((CLIENT_SUPPORTED_FLAGS |\
+                                 CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA |\
+                                 CLIENT_CAN_HANDLE_EXPIRED_PASSWORDS |\
+                                 CLIENT_ZSTD_COMPRESSION |\
+                                 CLIENT_PS_MULTI_RESULTS |\
+                                 CLIENT_REMEMBER_OPTIONS) & ~CLIENT_MYSQL)
 #define CLIENT_CAPABILITIES	    (CLIENT_MYSQL | \
                                  CLIENT_LONG_FLAG |\
                                  CLIENT_TRANSACTIONS |\
diff --git a/libmariadb/ma_errmsg.c b/libmariadb/ma_errmsg.c
index 1f3fa408..90218573 100644
--- a/libmariadb/ma_errmsg.c
+++ b/libmariadb/ma_errmsg.c
@@ -118,6 +118,7 @@ const char *mariadb_client_errors[] =
   /* 5021 */ "Binary log error (File: %.*s start_pos=%ld): %s.",
   /* 5022 */ "File '%s' is not a binary log file",
   /* 5023 */ "Semi sync request error: %s",
+  /* 5024 */ "Invalid client flags (%lu) specified. Supported flags: %lu",
   ""
 };
 
diff --git a/libmariadb/mariadb_lib.c b/libmariadb/mariadb_lib.c
index c9253ec1..4c8af327 100644
--- a/libmariadb/mariadb_lib.c
+++ b/libmariadb/mariadb_lib.c
@@ -1433,6 +1433,14 @@ mysql_real_connect(MYSQL *mysql, const char *host, const char *user,
   char *connection_handler= (mysql->options.extension) ?
                             mysql->options.extension->connection_handler : 0;
 
+  if ((client_flag & CLIENT_ALLOWED_FLAGS) != client_flag)
+  {
+    my_set_error(mysql, CR_INVALID_CLIENT_FLAG, SQLSTATE_UNKNOWN,
+                 ER(CR_INVALID_CLIENT_FLAG),
+                 client_flag, CLIENT_ALLOWED_FLAGS);
+    return NULL;
+  }
+
   if (!mysql->methods)
     mysql->methods= &MARIADB_DEFAULT_METHODS;
 
diff --git a/unittest/libmariadb/connection.c b/unittest/libmariadb/connection.c
index fa232cad..a10e01bd 100644
--- a/unittest/libmariadb/connection.c
+++ b/unittest/libmariadb/connection.c
@@ -2307,7 +2307,33 @@ static int test_conc632(MYSQL *my __attribute__((unused)))
   return OK;
 }
 
+static int test_conc505(MYSQL *my __attribute__((unused)))
+{
+  MYSQL *mysql= mysql_init(NULL);
+
+#define CLIENT_DEPRECATE_EOF (1ULL << 24)
+
+  if (my_test_connect(mysql, hostname, username, password, schema, port, socketname, CLIENT_DEPRECATE_EOF))
+  {
+    diag("Error expected: Invalid client flag");
+    mysql_close(mysql);
+    return FAIL;
+  }
+  diag("Error (expected): %s", mysql_error(mysql));
+  FAIL_IF(mysql_errno(mysql) != CR_INVALID_CLIENT_FLAG, "Wrong error number");
+  if (!my_test_connect(mysql, hostname, username, password, schema, port, socketname, CLIENT_MULTI_STATEMENTS | CLIENT_MULTI_RESULTS))
+  {
+    diag("Error: %s", mysql_error(mysql));
+    mysql_close(mysql);
+    return FAIL;
+  }
+
+  mysql_close(mysql);
+  return OK;
+}
+
 struct my_tests_st my_tests[] = {
+  {"test_conc505", test_conc505, TEST_CONNECTION_NONE, 0, NULL, NULL},
   {"test_conc632", test_conc632, TEST_CONNECTION_NONE, 0, NULL, NULL},
   {"test_status_callback", test_status_callback, TEST_CONNECTION_NONE, 0, NULL, NULL},
   {"test_conc365", test_conc365, TEST_CONNECTION_NONE, 0, NULL, NULL},