Commit 55b7b756 authored by Davi Arnaut's avatar Davi Arnaut

Manual merge.

parents 49318af3 14ccbeb4
...@@ -277,6 +277,16 @@ typedef struct st_net { ...@@ -277,6 +277,16 @@ typedef struct st_net {
/** Client library sqlstate buffer. Set along with the error message. */ /** Client library sqlstate buffer. Set along with the error message. */
char sqlstate[SQLSTATE_LENGTH+1]; char sqlstate[SQLSTATE_LENGTH+1];
void *extension; void *extension;
#if defined(MYSQL_SERVER) && !defined(EMBEDDED_LIBRARY)
/*
Controls whether a big packet should be skipped.
Initially set to FALSE by default. Unauthenticated sessions must have
this set to FALSE so that the server can't be tricked to read packets
indefinitely.
*/
my_bool skip_big_packet;
#endif
} NET; } NET;
......
...@@ -136,6 +136,9 @@ my_bool my_net_init(NET *net, Vio* vio) ...@@ -136,6 +136,9 @@ my_bool my_net_init(NET *net, Vio* vio)
#else #else
net->query_cache_query= 0; net->query_cache_query= 0;
#endif #endif
#if defined(MYSQL_SERVER) && !defined(EMBEDDED_LIBRARY)
net->skip_big_packet= FALSE;
#endif
if (vio != 0) /* If real connection */ if (vio != 0) /* If real connection */
{ {
...@@ -949,6 +952,7 @@ my_real_read(NET *net, size_t *complen) ...@@ -949,6 +952,7 @@ my_real_read(NET *net, size_t *complen)
{ {
#if defined(MYSQL_SERVER) && !defined(NO_ALARM) #if defined(MYSQL_SERVER) && !defined(NO_ALARM)
if (!net->compress && if (!net->compress &&
net->skip_big_packet &&
!my_net_skip_rest(net, (uint32) len, &alarmed, &alarm_buff)) !my_net_skip_rest(net, (uint32) len, &alarmed, &alarm_buff))
net->error= 3; /* Successfully skiped packet */ net->error= 3; /* Successfully skiped packet */
#endif #endif
......
...@@ -471,6 +471,13 @@ check_user(THD *thd, enum enum_server_command command, ...@@ -471,6 +471,13 @@ check_user(THD *thd, enum enum_server_command command,
} }
my_ok(thd); my_ok(thd);
thd->password= test(passwd_len); // remember for error messages thd->password= test(passwd_len); // remember for error messages
/*
Allow the network layer to skip big packets. Although a malicious
authenticated session might use this to trick the server to read
big packets indefinitely, this is a previously established behavior
that needs to be preserved as to not break backwards compatibility.
*/
thd->net.skip_big_packet= TRUE;
/* Ready to handle queries */ /* Ready to handle queries */
DBUG_RETURN(0); DBUG_RETURN(0);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment