Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-25197

The statement set password=password('') executed in PS mode fails in case it is run by a user with expired password

    XMLWordPrintable

    Details

      Description

      A user with an expired password connected to a server can't assign new password with the statement "SET password=..." if the statement is run in PS mode, for example when it is submitted to server via binary protocol.

      Test case is below.

      CREATE USER user1@localhost PASSWORD EXPIRE
      		 
      SET GLOBAL disconnect_on_expired_password=OFF;
      		 
      connect(con1,localhost,user1);
      		 
      connection con1;
      		 
      --error ER_MUST_CHANGE_PASSWORD
      		 
      select 1;
      		 
       
      		 
      -- The following statement fails with the error ER_MUST_CHANGE_PASSWORD.
      		 
      PREPARE stmt FROM "SET password=password('')";

      In case the statement

      SET password=password('');

      is run as a regular statement it is executed successfully.

        Attachments

          Issue Links

          blocks

          Task - A task that needs to be done. MDEV-16708 Unsupported commands for prepared statements

          • Critical - Crashes, loss of data, severe memory leak.
          • In Progress
          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-25413 should_send_column_info(): Assertion `cmd == COM_STMT_EXECUTE || cmd == COM_STMT_PREPARE' failed

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

            Activity

              People

              Assignee:
              shulga Dmitry Shulga
              Reporter:
              shulga Dmitry Shulga
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: