Hi, Nirbhay! On Mar 31, Nirbhay Choubey wrote:
revision-id: f9f290b6828eeb57cba611d006d2a9301dc52244 (mariadb-10.1.13-3-gf9f290b) parent(s): f4d5fe277599da4549c97c660f324c88cf9a2542 author: Nirbhay Choubey committer: Nirbhay Choubey timestamp: 2016-03-31 18:03:44 -0400 message:
MDEV-9851: CREATE USER w/o IDENTIFIED BY clause causes crash when using cracklib plugin
Add a check for NULL password.
diff --git a/plugin/cracklib_password_check/cracklib_password_check.c b/plugin/cracklib_password_check/cracklib_password_check.c index c593173..c192cdf 100644 --- a/plugin/cracklib_password_check/cracklib_password_check.c +++ b/plugin/cracklib_password_check/cracklib_password_check.c @@ -33,7 +33,8 @@ static int crackme(MYSQL_LEX_STRING *username, MYSQL_LEX_STRING *password) if ((host= strchr(user, '@'))) *host++= 0;
- if ((res= FascistCheckUser(password->str, dictionary, user, host))) + if ((password->str == NULL) || // No password + (res= FascistCheckUser(password->str, dictionary, user, host))) { my_printf_error(ER_NOT_VALID_PASSWORD, "cracklib: %s", MYF(ME_JUST_WARNING), res);
You forgot to fix the simple_password_check plugin. And if all plugins need to do the same check - it's a strong indication that this should've been done in the server. So, please, fix this in sql_acl.cc instead. Like this: - struct validation_data data= { &user->user, &user->pwtext }; + struct validation_data data= { &user->user, user->pwtext.str ? &user->pwtext : &empy_lex_str }; Ok to push with this fix and your test case. Regards, Sergei Chief Architect MariaDB and security@mariadb.org