[MDEV-8078] Memory disclosure/buffer overread on audit plugin - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Affects Version/s: N/A
Fix Version/s: 5.5.44
Component/s: Plugin - Audit
Labels:

Sprint:
5.5.44

Description

after executing a query, a buffer overread is happening while writing the query on the audit file. this bug will happen with the current version (1.3.0)

the query looks like: SET PASSWORD FOR `monitor`@`localhost` = password('test123');
the output looks like: 20150429 11:54:31,hostname123,root,localhost,109,442,QUERY,,'SET PASSWORD FOR `monitor`@`localhost`=<secret>*****�)1P��)root)�-��XM.localhost

Attachments

Activity

Ascending order - Click to sort in descending order

Hans-Joachim Kliemeck created issue - 2015-04-29 13:48

Hans-Joachim Kliemeck made changes - 2015-04-29 13:49

Field	Original Value	New Value
Description	after executing a query, a buffer overread is happening while writing the query on the audit file. the query looks like: SET PASSWORD FOR `monitor`@`localhost` = password('test123'); the output looks like: 20150429 11:54:31,test-iason,root,localhost,109,442,QUERY,,'SET PASSWORD FOR `monitor`@`localhost`=<secret>*****�)1P��)root)�-��XM.localhost	after executing a query, a buffer overread is happening while writing the query on the audit file. this bug will happen with the current version (1.3.0) the query looks like: SET PASSWORD FOR `monitor`@`localhost` = password('test123'); the output looks like: 20150429 11:54:31,test-iason,root,localhost,109,442,QUERY,,'SET PASSWORD FOR `monitor`@`localhost`=<secret>*****�)1P��)root)�-��XM.localhost

Hans-Joachim Kliemeck made changes - 2015-04-29 13:51

Description

after executing a query, a buffer overread is happening while writing the query on the audit file. this bug will happen with the current version (1.3.0)

the query looks like: SET PASSWORD FOR `monitor`@`localhost` = password('test123');
the output looks like: 20150429 11:54:31,test-iason,root,localhost,109,442,QUERY,,'SET PASSWORD FOR `monitor`@`localhost`=<secret>*****�)1P��)root)�-��XM.localhost

after executing a query, a buffer overread is happening while writing the query on the audit file. this bug will happen with the current version (1.3.0)

the query looks like: SET PASSWORD FOR `monitor`@`localhost` = password('test123');
the output looks like: 20150429 11:54:31,hostname123,root,localhost,109,442,QUERY,,'SET PASSWORD FOR `monitor`@`localhost`=<secret>*****�)1P��)root)�-��XM.localhost

Elena Stepanova made changes - 2015-04-29 14:34

Labels

audit server_audit

audit need_feedback server_audit

Elena Stepanova made changes - 2015-04-29 18:14

Fix Version/s		10.1 [ 16100 ]
Fix Version/s		10.0 [ 16000 ]
Fix Version/s		5.5 [ 15800 ]
Affects Version/s		N/A [ 14700 ]
Affects Version/s	5.5.43 [ 18601 ]
Assignee		Alexey Botchkov [ holyfoot ]
Labels	audit need_feedback server_audit	audit server_audit verified

Rasmus Johansson (Inactive) made changes - 2015-05-18 17:51

Workflow

MariaDB v2 [ 60725 ]

MariaDB v3 [ 66792 ]

Sergei Golubchik made changes - 2015-06-02 17:25

Sprint

Sprint 1 [ 4 ]

Alexey Botchkov made changes - 2015-06-06 19:43

Status

Open [ 1 ]

In Progress [ 3 ]

Alexey Botchkov made changes - 2015-06-07 16:07

Fix Version/s		5.5.44 [ 19100 ]
Fix Version/s	5.5 [ 15800 ]
Fix Version/s	10.0 [ 16000 ]
Fix Version/s	10.1 [ 16100 ]
Resolution		Fixed [ 1 ]
Status	In Progress [ 3 ]	Closed [ 6 ]

Sergei Golubchik made changes - 2021-12-06 21:41

Workflow

MariaDB v3 [ 66792 ]

MariaDB v4 [ 149111 ]

People

Assignee:: Alexey Botchkov

Reporter:: Hans-Joachim Kliemeck

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2015-04-29 13:48

Updated:: 2015-06-07 16:07

Resolved:: 2015-06-07 16:07

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server

Details

Description

Attachments

Activity

People

Dates

Git Integration