Bug#11765108 (Bug#58036) client utf32, utf16, ucs2 should be disallowed, they crash server

Problem: ucs2 was correctly disallowed in "SET NAMES" only, while mysql_real_connect() and mysql_change_user() still allowed to use ucs2, which made server crash. Fix: disallow ucs2 in mysql_real_connect() and mysql_change_user(). @ sql/set_var.cc Using new function. @ sql/sql_acl.cc - Return error if character set initialization failed - Getting rid of pointer aliasing: Initialize user_name to NULL, to avoid double free(). @ sql/sql_connect.cc - in case of unsupported client character set send error and return true - in case of success return false @ sql/sql_connect.h - changing return type for thd_init_client_charset() to bool, to return errors to the caller @ sql/sql_parse.h - introducing a new function, to reuse in all places where we need to check client character set. @ tests/mysql_client_test.c Adding test
2025-07-27 18:02:13 +03:00 · 2011-02-18 12:46:55 +03:00
parent 498ff4468d
commit b97cdadbe8
6 changed files with 106 additions and 10 deletions
--- a/tests/mysql_client_test.c
+++ b/tests/mysql_client_test.c
@ -19288,6 +19288,72 @@ static void test_bug47485()
 }


+/*
+  Bug#58036 client utf32, utf16, ucs2 should be disallowed, they crash server
+*/
+static void test_bug58036()
+{
+  MYSQL *conn;
+  DBUG_ENTER("test_bug47485");
+  myheader("test_bug58036");
+
+  /* Part1: try to connect with ucs2 client character set */
+  conn= mysql_client_init(NULL);
+  mysql_options(conn, MYSQL_SET_CHARSET_NAME, "ucs2");
+  if (mysql_real_connect(conn, opt_host, opt_user,
+                         opt_password,  opt_db ? opt_db : "test",
+                         opt_port, opt_unix_socket, 0))
+  {
+    if (!opt_silent)
+      printf("mysql_real_connect() succeeded (failure expected)\n");
+    mysql_close(conn);
+    DIE();
+  }
+
+  if (!opt_silent)
+    printf("Got mysql_real_connect() error (expected): %s (%d)\n",
+           mysql_error(conn), mysql_errno(conn));  
+  DIE_UNLESS(mysql_errno(conn) == ER_WRONG_VALUE_FOR_VAR);
+  mysql_close(conn);
+
+
+  /*
+    Part2:
+    - connect with latin1
+    - then change client character set to ucs2
+    - then try mysql_change_user()
+  */
+  conn= mysql_client_init(NULL);
+  mysql_options(conn, MYSQL_SET_CHARSET_NAME, "latin1");
+  if (!mysql_real_connect(conn, opt_host, opt_user,
+                         opt_password, opt_db ? opt_db : "test",
+                         opt_port, opt_unix_socket, 0))
+  {
+    if (!opt_silent)
+      printf("mysql_real_connect() failed: %s (%d)\n",
+             mysql_error(conn), mysql_errno(conn));
+    mysql_close(conn);
+    DIE();
+  }
+
+  mysql_options(conn, MYSQL_SET_CHARSET_NAME, "ucs2");
+  if (!mysql_change_user(conn, opt_user, opt_password, NULL))
+  {
+    if (!opt_silent)
+      printf("mysql_change_user() succedded, error expected!");
+    mysql_close(conn);
+    DIE();
+  }
+
+  if (!opt_silent)
+    printf("Got mysql_change_user() error (expected): %s (%d)\n",
+           mysql_error(conn), mysql_errno(conn));
+  mysql_close(conn);
+
+  DBUG_VOID_RETURN;
+}
+
+
 /*
  Bug#49972: Crash in prepared statements.

@ -19770,6 +19836,7 @@ static struct my_tests_st my_tests[]= {
  { "test_bug42373", test_bug42373 },
  { "test_bug54041", test_bug54041 },
  { "test_bug47485", test_bug47485 },
+  { "test_bug58036", test_bug58036 },
  { "test_bug57058", test_bug57058 },
  { 0, 0 }
 };