empty password is a valid password, don't crash

af2dd582 · Sergei Golubchik · 5f051022 · af2dd582 · af2dd582 · af2dd582
Commit af2dd582 authored Jun 18, 2018 by Sergei Golubchik
Showing with 8 additions and 1 deletion

mysql-test/r/set_password.result mysql-test/r/set_password.result +4 -0

mysql-test/t/set_password.test mysql-test/t/set_password.test +2 -0

sql/sql_acl.cc sql/sql_acl.cc +2 -1

No files found.
--- a/mysql-test/r/set_password.result
+++ b/mysql-test/r/set_password.result
@@ -174,4 +174,8 @@ connection default;
 select user,host,password,plugin,authentication_string from mysql.user where user='foo';
 user	host	password	plugin	authentication_string
 foo	localhost		mysql_native_password	*E8D46CE25265E545D225A8A6F1BAF642FEBEE5CB
+set password for 'foo'@'localhost' = '';
+select user,host,password,plugin,authentication_string from mysql.user where user='foo';
+user	host	password	plugin	authentication_string
+foo	localhost		mysql_native_password	
 drop user foo@localhost;
--- a/mysql-test/t/set_password.test
+++ b/mysql-test/t/set_password.test
@@ -142,4 +142,6 @@ show grants;
 --disconnect foo
 --connection default
 select user,host,password,plugin,authentication_string from mysql.user where user='foo';
+set password for 'foo'@'localhost' = '';
+select user,host,password,plugin,authentication_string from mysql.user where user='foo';
 drop user foo@localhost;
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -3864,7 +3864,8 @@ void set_authentication_plugin_from_password(const User_table& user_table,
                                             const char* password,
                                             uint password_length)
 {
-  if (password_length == SCRAMBLED_PASSWORD_CHAR_LENGTH)
+  if (password_length == SCRAMBLED_PASSWORD_CHAR_LENGTH ||
+      password_length == 0)
  {
    user_table.plugin()->store(native_password_plugin_name.str,
                               native_password_plugin_name.length,