maria-developers team mailing list archive

Thread
Date

Re: 7807d9b6939: MDEV-22974: mysql_native_password make "invalid" valid

To: Daniel Black <daniel@xxxxxxxxxxx>
From: Sergei Golubchik <serg@xxxxxxxxxxx>
Date: Fri, 30 Oct 2020 18:45:14 +0100
Cc: maria-developers <maria-developers@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CABVffENc2aUFWgf407SHmPaMK3O3H_bv5_+V0GW+pn7fi02g_g@mail.gmail.com>

Hi, Daniel!

On Oct 26, Daniel Black wrote:
> On Thu, Oct 22, 2020 at 8:25 PM Sergei Golubchik <serg@xxxxxxxxxxx> wrote:
> >
> > Hi, Daniel!
> >
> > On Oct 22, Daniel Black wrote:
> > > @@ -14539,6 +14539,12 @@ static int native_password_get_salt(const char *hash, size_t hash_length,
> > >
> > >    if (hash_length != SCRAMBLED_PASSWORD_CHAR_LENGTH)
> > >    {
> > > +    if (hash_length == 7 && strcmp(hash, "invalid") == 0)
> > > +    {
> > > +      memcpy(out, "invalid", 7);
> > > +      *out_length= 7;
> > > +      return 0;
> > > +    }
> >
> > okay. After you said ASAN, I think I can see why this could be
> > problematic.
> >
> Updated:

I don't see why you did it that complex with invalid_password and
everything. It seems you could've fixed the ASAN error from your first
patch with just

@@ -14498,7 +14498,7 @@ static int native_password_authenticate(MYSQL_PLUGIN_VI>
   info->password_used= PASSWORD_USED_YES;
   if (pkt_len == SCRAMBLE_LENGTH)
   {
-    if (!info->auth_string_length)
+    if (info->auth_string_length != SCRAMBLE_LENGTH)
       DBUG_RETURN(CR_AUTH_USER_CREDENTIALS);

     if (check_scramble(pkt, thd->scramble, (uchar*)info->auth_string))

Regards,
Sergei
VP of MariaDB Server Engineering
and security@xxxxxxxxxxx

Follow ups

Re: 7807d9b6939: MDEV-22974: mysql_native_password make "invalid" valid
From: Daniel Black, 2020-10-30

References

Re: 7807d9b6939: MDEV-22974: mysql_native_password make "invalid" valid
From: Sergei Golubchik, 2020-10-22
Re: 7807d9b6939: MDEV-22974: mysql_native_password make "invalid" valid
From: Daniel Black, 2020-10-26