Fix for a security flaw in database hash

2026-01-06 05:22:24 +03:00 · 2002-08-07 21:57:32 +03:00
parent 042facc475
commit 04e7beecf5
2 changed files with 4 additions and 0 deletions
--- a/Docs/manual.texi
+++ b/Docs/manual.texi
@@ -46928,6 +46928,8 @@ not yet 100% confident in this code.
@appendixsubsec Changes in release 3.23.52
@itemize @bullet
@item
+Fixed  a security bug with empty db column in db table
+@item
 Changed initialisation of @code{RND()} to make it less predicatable.
@item
 Fixed problem with @code{GROUP BY} on result with expression that created a
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -242,6 +242,8 @@ int  acl_init(bool dont_read_acl_tables)
    ACL_DB db;
    update_hostname(&db.host,get_field(&mem, table,0));
    db.db=get_field(&mem, table,1);
+    if (!db.db || !db.db[0])
+      continue;
    db.user=get_field(&mem, table,2);
    db.access=get_access(table,3);
    db.access=fix_rights_for_db(db.access);