Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-39274

Extra hardening of the parser for the ClientHello packet

    XMLWordPrintable

Details

    • Bug
    • Status: In Review (View Workflow)
    • Critical
    • Resolution: Unresolved
    • 13.0
    • 13.0
    • None
    • None

    Description

      Problem:

      If the username terminator is the last byte in the packet, passwd can reach the end of the packet buffer. The code then dereferences *passwd before checking bounds, leading to a potential out-of-bounds read, if the whole packet was never zero terminated by the lower layers.

      Fix: Add a boundary check DEBUG_ASSERT before the dereference.

      Attachments

        Activity

          People

            wlad Vladislav Vaintroub
            gkodinov Georgi Kodinov
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.