Percona Server moved to https://jira.percona.com/projects/PS

Merge lp:~sergei.glushchenko/percona-server/5.6-ps-bug1201033 into lp:percona-server/5.6

  1. 5.6-ps-bug1201033
  2. Merge into 5.6
Proposed by Sergei Glushchenko
Status: Merged
Approved by: Laurynas Biveinis
Approved revision: no longer in the source branch.
Merged at revision: 446
Proposed branch: lp:~sergei.glushchenko/percona-server/5.6-ps-bug1201033
Merge into: lp:percona-server/5.6
Diff against target: 37 lines (+15/-3)
3 files modified
Percona-Server/mysql-test/r/percona_bug1201033.result (+3/-0)
Percona-Server/mysql-test/t/percona_bug1201033.test (+5/-0)
Percona-Server/mysys_ssl/my_aes.cc (+7/-3)
To merge this branch: bzr merge lp:~sergei.glushchenko/percona-server/5.6-ps-bug1201033
Reviewer Review Type Date Requested Status
Laurynas Biveinis (community) Approve
Review via email: mp+188701@code.launchpad.net

Description of the change

Avoid to invoke EVP_EncryptUpdate with zero source length, because it fails on old versions of OpenSSL.
5.1 and 5.5 are not affected because use internal implementation of AES algorithm not an OpenSSL.
Oracle's builds are not affected because use YASSL/Taocrypt.

To post a comment you must log in.
Revision history for this message
Sergei Glushchenko (sergei.glushchenko) wrote :

http://jenkins.percona.com/view/PS%205.6/job/percona-server-5.6-param/332/

Revision history for this message
Laurynas Biveinis (laurynas-biveinis) wrote :

Sergei -

So bug 1201033 is an upstream bug for -DWITH_SSL=system configuration. Please report it there and link to bug 1201033.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== added file 'Percona-Server/mysql-test/r/percona_bug1201033.result'
--- Percona-Server/mysql-test/r/percona_bug1201033.result 1970-01-01 00:00:00 +0000
+++ Percona-Server/mysql-test/r/percona_bug1201033.result 2013-10-01 19:24:53 +0000
@@ -0,0 +1,3 @@
1SELECT HEX(AES_ENCRYPT('','6b2d440b57b3bae74e3cf71e415b3965'));
2HEX(AES_ENCRYPT('','6b2d440b57b3bae74e3cf71e415b3965'))
30F8E1786085AE3719F8C00BC4A79CAFA
04
=== added file 'Percona-Server/mysql-test/t/percona_bug1201033.test'
--- Percona-Server/mysql-test/t/percona_bug1201033.test 1970-01-01 00:00:00 +0000
+++ Percona-Server/mysql-test/t/percona_bug1201033.test 2013-10-01 19:24:53 +0000
@@ -0,0 +1,5 @@
1#
2# Bug #1201033: Crash when using AES_ENCRYPT on empty string
3#
4
5SELECT HEX(AES_ENCRYPT('','6b2d440b57b3bae74e3cf71e415b3965'));
06
=== modified file 'Percona-Server/mysys_ssl/my_aes.cc'
--- Percona-Server/mysys_ssl/my_aes.cc 2013-03-27 16:23:35 +0000
+++ Percona-Server/mysys_ssl/my_aes.cc 2013-10-01 19:24:53 +0000
@@ -161,9 +161,13 @@
161 if (! EVP_EncryptInit_ex(&ctx, EVP_aes_128_ecb(), NULL,161 if (! EVP_EncryptInit_ex(&ctx, EVP_aes_128_ecb(), NULL,
162 (const unsigned char *) rkey, NULL))162 (const unsigned char *) rkey, NULL))
163 goto aes_error; /* Error */163 goto aes_error; /* Error */
164 if (! EVP_EncryptUpdate(&ctx, (unsigned char *) dest, &u_len,164 u_len= 0;
165 (unsigned const char *) source, source_length))165 if (source_length > 0) /* workaround for old OpenSSL versions */
166 goto aes_error; /* Error */166 {
167 if (! EVP_EncryptUpdate(&ctx, (unsigned char *) dest, &u_len,
168 (unsigned const char *) source, source_length))
169 goto aes_error; /* Error */
170 }
167 if (! EVP_EncryptFinal(&ctx, (unsigned char *) dest + u_len, &f_len))171 if (! EVP_EncryptFinal(&ctx, (unsigned char *) dest + u_len, &f_len))
168 goto aes_error; /* Error */172 goto aes_error; /* Error */
169173

Subscribers

People subscribed via source and target branches