Merge lp:~sergei.glushchenko/percona-server/5.6-ps-bug1201033 into lp:percona-server/5.6

Proposed by Sergei Glushchenko on 2013-10-01
Status: Merged
Approved by: Laurynas Biveinis on 2013-10-02
Approved revision: 446
Merged at revision: 446
Proposed branch: lp:~sergei.glushchenko/percona-server/5.6-ps-bug1201033
Merge into: lp:percona-server/5.6
Diff against target: 37 lines (+15/-3)
3 files modified
Percona-Server/mysql-test/r/percona_bug1201033.result (+3/-0)
Percona-Server/mysql-test/t/percona_bug1201033.test (+5/-0)
Percona-Server/mysys_ssl/my_aes.cc (+7/-3)
To merge this branch: bzr merge lp:~sergei.glushchenko/percona-server/5.6-ps-bug1201033
Reviewer Review Type Date Requested Status
Laurynas Biveinis (community) 2013-10-01 Approve on 2013-10-02
Review via email: mp+188701@code.launchpad.net

Description of the change

Avoid to invoke EVP_EncryptUpdate with zero source length, because it fails on old versions of OpenSSL.
5.1 and 5.5 are not affected because use internal implementation of AES algorithm not an OpenSSL.
Oracle's builds are not affected because use YASSL/Taocrypt.

To post a comment you must log in.

Sergei -

So bug 1201033 is an upstream bug for -DWITH_SSL=system configuration. Please report it there and link to bug 1201033.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== added file 'Percona-Server/mysql-test/r/percona_bug1201033.result'
2--- Percona-Server/mysql-test/r/percona_bug1201033.result 1970-01-01 00:00:00 +0000
3+++ Percona-Server/mysql-test/r/percona_bug1201033.result 2013-10-01 19:24:53 +0000
4@@ -0,0 +1,3 @@
5+SELECT HEX(AES_ENCRYPT('','6b2d440b57b3bae74e3cf71e415b3965'));
6+HEX(AES_ENCRYPT('','6b2d440b57b3bae74e3cf71e415b3965'))
7+0F8E1786085AE3719F8C00BC4A79CAFA
8
9=== added file 'Percona-Server/mysql-test/t/percona_bug1201033.test'
10--- Percona-Server/mysql-test/t/percona_bug1201033.test 1970-01-01 00:00:00 +0000
11+++ Percona-Server/mysql-test/t/percona_bug1201033.test 2013-10-01 19:24:53 +0000
12@@ -0,0 +1,5 @@
13+#
14+# Bug #1201033: Crash when using AES_ENCRYPT on empty string
15+#
16+
17+SELECT HEX(AES_ENCRYPT('','6b2d440b57b3bae74e3cf71e415b3965'));
18
19=== modified file 'Percona-Server/mysys_ssl/my_aes.cc'
20--- Percona-Server/mysys_ssl/my_aes.cc 2013-03-27 16:23:35 +0000
21+++ Percona-Server/mysys_ssl/my_aes.cc 2013-10-01 19:24:53 +0000
22@@ -161,9 +161,13 @@
23 if (! EVP_EncryptInit_ex(&ctx, EVP_aes_128_ecb(), NULL,
24 (const unsigned char *) rkey, NULL))
25 goto aes_error; /* Error */
26- if (! EVP_EncryptUpdate(&ctx, (unsigned char *) dest, &u_len,
27- (unsigned const char *) source, source_length))
28- goto aes_error; /* Error */
29+ u_len= 0;
30+ if (source_length > 0) /* workaround for old OpenSSL versions */
31+ {
32+ if (! EVP_EncryptUpdate(&ctx, (unsigned char *) dest, &u_len,
33+ (unsigned const char *) source, source_length))
34+ goto aes_error; /* Error */
35+ }
36 if (! EVP_EncryptFinal(&ctx, (unsigned char *) dest + u_len, &f_len))
37 goto aes_error; /* Error */
38

Subscribers

People subscribed via source and target branches