database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-29 05:21:33 +03:00
Code Activity

MDEV-25343 add read secret size in file key plugin

Browse Source
This commit is contained in:
kurt
2022-09-21 11:29:07 +08:00
committed by Daniel Black
parent 64d85c369b
commit cee7175b79
5 changed files with 33 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
mysql-test/suite/encryption/r/filekeys_secret_too_long.result Normal file
View File

@ -0,0 +1,10 @@
call mtr.add_suppression("the secret file has incorrect length");
call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
FOUND 1 /the secret file has incorrect length/ in mysqld.1.err
create table t1(c1 bigint not null, b char(200)) engine=innodb encrypted=yes encryption_key_id=1;
ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
select plugin_status from information_schema.plugins
where plugin_name = 'file_key_management';
plugin_status
# Test checks if opening an too large secret does not crash the server.

4
mysql-test/suite/encryption/t/filekeys-data-too-long.key Normal file
View File

@ -0,0 +1,4 @@
secretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecret
secretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecret
secretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecretsecret

3
mysql-test/suite/encryption/t/filekeys_secret_too_long.opt Normal file
View File

@ -0,0 +1,3 @@
--loose-file-key-management-filekey=FILE:$MTR_SUITE_DIR/t/filekeys-data-too-long.key
--loose-file-key-management-filename=$MTR_SUITE_DIR/t/filekeys-data.enc

4
mysql-test/suite/encryption/t/filekeys_secret_too_long.test Normal file
View File

@ -0,0 +1,4 @@
let SEARCH_PATTERN=the secret file has incorrect length;
source filekeys_badtest.inc;
--echo # Test checks if opening an too large secret does not crash the server.

13
plugin/file_key_management/parser.cc
View File

@ -174,13 +174,24 @@ bool Parser::read_filekey(const char *filekey, char *secret)
return 1; return 1;
} }
int len= read(f, secret, MAX_SECRET_SIZE); int len= read(f, secret, MAX_SECRET_SIZE + 1);
if (len <= 0) if (len <= 0)
{ {
my_error(EE_READ,ME_ERROR_LOG, filekey, errno); my_error(EE_READ,ME_ERROR_LOG, filekey, errno);
close(f); close(f);
return 1; return 1;
} }
if (len > MAX_SECRET_SIZE)
{
my_printf_error(EE_READ,
"Cannot decrypt %s, the secret file has incorrect length, "
"max secret size is %dB ",
ME_ERROR_LOG, filekey, MAX_SECRET_SIZE);
close(f);
return 1;
}
close(f); close(f);
while (secret[len - 1] == '\r' || secret[len - 1] == '\n') len--; while (secret[len - 1] == '\r' || secret[len - 1] == '\n') len--;
secret[len]= '\0'; secret[len]= '\0';