[MDEV-38365] SHA2 auth plugin crash on large packets - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Blocker
Resolution: Fixed
Affects Version/s: 11.4, 11.8
Fix Version/s: 11.4.10, 11.8.6, 12.2.2
Component/s: Authentication and Privilege System
Labels:
- docs_ok
- docs_releasenotes

Bug Category:
Can result in hang or crash
Sprint:
Q1/2026 Server Maintenance

Description

plugin's auth() function sends the packet to sha256_crypt_r() which uses alloca() to get the buffer of the packet's size. If the packet is too big, this will exhaust the stack and crash

Reported by Pavel Kohout, Aisle Research.

Attachments

Activity

People

Assignee:: Sergei Golubchik

Reporter:: Sergei Golubchik

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2025-12-17 21:19

Updated:: 27 minutes ago

Resolved:: 5 days ago 10:48

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.