summaryrefslogtreecommitdiff
path: root/plugin
diff options
context:
space:
mode:
authorMarko Mäkelä <marko.makela@mariadb.com>2022-10-25 10:04:37 +0300
committerMarko Mäkelä <marko.makela@mariadb.com>2022-10-25 10:04:37 +0300
commit667d3fbbb51044b20d23150992adbbad1f04aad8 (patch)
tree6bf1006a9ea5e68f18387205bd224e7c5698278f /plugin
parentf19e8559aa3f46c0be427c9bd6534432bc08160c (diff)
parent34ff5ca8952ff58d99be5028a5920bfe5268f17a (diff)
downloadmariadb-git-667d3fbbb51044b20d23150992adbbad1f04aad8.tar.gz
Merge 10.3 into 10.4
Diffstat (limited to 'plugin')
-rw-r--r--plugin/cracklib_password_check/cracklib_password_check.c2
-rw-r--r--plugin/file_key_management/parser.cc15
2 files changed, 13 insertions, 4 deletions
diff --git a/plugin/cracklib_password_check/cracklib_password_check.c b/plugin/cracklib_password_check/cracklib_password_check.c
index 20294b070e7..470e6e5280f 100644
--- a/plugin/cracklib_password_check/cracklib_password_check.c
+++ b/plugin/cracklib_password_check/cracklib_password_check.c
@@ -13,10 +13,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335 USA */
+#include <my_global.h>
#include <mysql/plugin_password_validation.h>
#include <crack.h>
#include <string.h>
-#include <alloca.h>
#include <mysqld_error.h>
static char *dictionary;
diff --git a/plugin/file_key_management/parser.cc b/plugin/file_key_management/parser.cc
index 818c026495f..57e0139a57d 100644
--- a/plugin/file_key_management/parser.cc
+++ b/plugin/file_key_management/parser.cc
@@ -162,19 +162,28 @@ bool Parser::read_filekey(const char *filekey, char *secret)
int f= open(filekey, O_RDONLY|O_BINARY);
if (f == -1)
{
- my_error(EE_FILENOTFOUND,ME_ERROR_LOG, filekey, errno);
+ my_error(EE_FILENOTFOUND, ME_ERROR_LOG, filekey, errno);
return 1;
}
- int len= read(f, secret, MAX_SECRET_SIZE);
+ int len= read(f, secret, MAX_SECRET_SIZE + 1);
if (len <= 0)
{
- my_error(EE_READ,ME_ERROR_LOG, filekey, errno);
+ my_error(EE_READ, ME_ERROR_LOG, filekey, errno);
close(f);
return 1;
}
close(f);
+
while (secret[len - 1] == '\r' || secret[len - 1] == '\n') len--;
+ if (len > MAX_SECRET_SIZE)
+ {
+ my_printf_error(EE_READ,
+ "Cannot read %s, the filekey is too long, "
+ "max secret size is %dB ",
+ ME_ERROR_LOG, filekey, MAX_SECRET_SIZE);
+ return 1;
+ }
secret[len]= '\0';
return 0;
}