From 1512078a7a56779d6fdd307a93187b61494de897 Mon Sep 17 00:00:00 2001
From: Nirbhay Choubey
Date: Fri, 29 Apr 2016 10:50:39 -0400
Subject: [PATCH] MDEV-9851: CREATE USER w/o IDENTIFIED BY clause causes crash when using cracklib plugin

Do not allow NULL password to pass directly to password validation plugin.
---
 mysql-test/suite/plugins/r/cracklib_password_check.result | 6 ++++++
 mysql-test/suite/plugins/r/simple_password_check.result | 2 ++
 mysql-test/suite/plugins/t/cracklib_password_check.test | 8 ++++++++
 mysql-test/suite/plugins/t/simple_password_check.test | 4 ++++
 sql/sql_acl.cc | 4 +++-
 5 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/mysql-test/suite/plugins/r/cracklib_password_check.result b/mysql-test/suite/plugins/r/cracklib_password_check.result
index 638f138b986..dc31cb6d044 100644
--- a/mysql-test/suite/plugins/r/cracklib_password_check.result
+++ b/mysql-test/suite/plugins/r/cracklib_password_check.result
@@ -39,6 +39,12 @@ Warning 1819 cracklib: it is based on a dictionary word
 Error 1819 Your password does not satisfy the current policy requirements
 grant select on *.* to foobar identified by 'q$%^&*rty';
 drop user foobar;
+#
+# MDEV-9851: CREATE USER w/o IDENTIFIED BY clause causes crash
+# when using cracklib plugin
+#
+create user 'newuser'@'localhost';
+ERROR HY000: Your password does not satisfy the current policy requirements
 uninstall plugin cracklib_password_check;
 create user foo1 identified by 'pwd';
 drop user foo1;
diff --git a/mysql-test/suite/plugins/r/simple_password_check.result b/mysql-test/suite/plugins/r/simple_password_check.result
index c21298cea33..bbb96bb8c38 100644
--- a/mysql-test/suite/plugins/r/simple_password_check.result
+++ b/mysql-test/suite/plugins/r/simple_password_check.result
@@ -72,6 +72,8 @@ READ_ONLY NO COMMAND_LINE_ARGUMENT REQUIRED create user foo1 identified by 'pwd'; ERROR HY000: Your password does not satisfy the current policy requirements +create user foo1; +ERROR HY000: Your password does not satisfy the current policy requirements grant select on *.* to foo1 identified by 'pwd'; ERROR HY000: Your password does not satisfy the current policy requirements grant select on *.* to `FooBar1!` identified by 'FooBar1!'; diff --git a/mysql-test/suite/plugins/t/cracklib_password_check.test b/mysql-test/suite/plugins/t/cracklib_password_check.test index d0e05fed926..89b53b656d6 100644 --- a/mysql-test/suite/plugins/t/cracklib_password_check.test +++ b/mysql-test/suite/plugins/t/cracklib_password_check.test @@ -30,6 +30,14 @@ show warnings; grant select on *.* to foobar identified by 'q$%^&*rty'; drop user foobar; +--echo # +--echo # MDEV-9851: CREATE USER w/o IDENTIFIED BY clause causes crash +--echo # when using cracklib plugin +--echo # + +--error ER_NOT_VALID_PASSWORD +create user 'newuser'@'localhost'; + uninstall plugin cracklib_password_check; create user foo1 identified by 'pwd'; diff --git a/mysql-test/suite/plugins/t/simple_password_check.test b/mysql-test/suite/plugins/t/simple_password_check.test index bfe3464f5f9..4965ee492d2 100644 --- a/mysql-test/suite/plugins/t/simple_password_check.test +++ b/mysql-test/suite/plugins/t/simple_password_check.test @@ -16,6 +16,10 @@ select * from information_schema.system_variables where variable_name like 'simp --error ER_NOT_VALID_PASSWORD create user foo1 identified by 'pwd'; +# Create user with no password. +--error ER_NOT_VALID_PASSWORD +create user foo1; + --error ER_NOT_VALID_PASSWORD grant select on *.* to foo1 identified by 'pwd'; diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 95b90c263ee..7db7d2cf3fb 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc 
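Review bot: The regression case added to cracklib_password_check.test exercises only `create user` without IDENTIFIED BY, and the matching case in simple_password_check.test does the same. Whether other statements that create an account with no password text reach the same validation call is not visible in this patch, so a case for each such statement would pin the fix more firmly. The cracklib case also checks only the error code; adding `show warnings;` after the failing statement, as the earlier cases in that file appear to do, would record what the plugin reports for an empty password.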
@@ -899,7 +899,9 @@ static bool validate_password(LEX_USER *user)
 {
 if (user->pwtext.length || !user->pwhash.length)
 {
- struct validation_data data= { &user->user, &user->pwtext };
+ struct validation_data data= { &user->user,
+ user->pwtext.str ? &user->pwtext :
+ const_cast(&empty_lex_str) };
 if (plugin_foreach(NULL, do_validate,
 MariaDB_PASSWORD_VALIDATION_PLUGIN, &data))
 {
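Review bot: The new initializer in validate_password() casts away const on the shared `empty_lex_str` to fill the password slot, so every validation plugin now receives a non-const pointer to a server-wide constant, and nothing visible here stops a plugin from writing through it. If `struct validation_data` (declared outside this hunk) can hold a pointer-to-const for the password, the cast can be dropped. The invariant also deserves a comment above the declaration, e.g. `/* No IDENTIFIED BY clause leaves pwtext.str NULL; plugins must always get a valid, possibly empty, string (MDEV-9851). */`. The cast's template argument is missing in this rendering of the page, and the function body continues past the end of the hunk.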