List:Commits« Previous MessageNext Message »
From:Georgi Kodinov Date:January 24 2011 2:51pm
Subject:bzr commit into mysql-5.5 branch (Georgi.Kodinov:3272) Bug#59453
View as plain text  
#At file:///Users/kgeorge/mysql/work/B59453-5.5/ based on revid:anders.song@stripped

 3272 Georgi Kodinov	2011-01-14
      Bug #59453: Non-ASCIIZ string kills protocol extensibility in MySQL 5.5
      
      When the server sends the name of the plugin it's using in the handshake 
      packet it was null terminating it in it's buffer, but was sending a length of 
      the packet 1 byte short.
      Fixed to send the terminating 0 as well by increasing the length of the 
      packet to include it. 
      In this way the handshake packet becomes similar to the change user packet
      where the plugin name is null terminated.
      No test suite added as the fix can only be observed by analyzing the bytes
      sent over the wire.

    modified:
      sql/sql_acl.cc
=== modified file 'sql/sql_acl.cc'
--- a/sql/sql_acl.cc	2010-12-17 11:11:34 +0000
+++ b/sql/sql_acl.cc	2011-01-14 15:48:11 +0000
@@ -8014,7 +8014,7 @@ static bool send_server_handshake_packet
   end= strmake(end, plugin_name(mpvio->plugin)->str,
                     plugin_name(mpvio->plugin)->length);
 
-  int res= my_net_write(mpvio->net, (uchar*) buff, (size_t) (end - buff)) ||
+  int res= my_net_write(mpvio->net, (uchar*) buff, (size_t) (end - buff + 1)) ||
            net_flush(mpvio->net);
   my_afree(buff);
   DBUG_RETURN (res);


Attachment: [text/bzr-bundle] bzr/georgi.kodinov@oracle.com-20110114154811-9uac3b7a9ra5ipv3.bundle
Thread
bzr commit into mysql-5.5 branch (Georgi.Kodinov:3272) Bug#59453Georgi Kodinov24 Jan