Skip to content

Commit c646e4a

Browse files
author
Igor Solodovnikov
committed
Bug #17351732 MYSQL_CHANGE_USER() API RETURNS ERROR
 UNKNOWN DATABASE 'MYSQL_NATIVE_PASSWORD' Malformed packed was created in send_client_reply_packet() due to wrong handling of CLIENT_CONNECT_WITH_DB flag. Fixed problem in mysql_change_user()'s handling of mysql handle which could lead to free()ing static string literal.
1 parent dfbe3ed commit c646e4a

2 files changed

Lines changed: 16 additions & 7 deletions

File tree

libmysql/libmysql.c

Lines changed: 14 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
/* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
1+
/* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
22
33
This program is free software; you can redistribute it and/or modify
44
it under the terms of the GNU General Public License as published by
@@ -357,10 +357,13 @@ my_bool STDCALL mysql_change_user(MYSQL *mysql, const char *user,
357357
DBUG_RETURN(TRUE);
358358
}
359359

360-
/* Use an empty string instead of NULL. */
361-
362-
mysql->user= (char*)(user ? user : "");
363-
mysql->passwd= (char*)(passwd ? passwd : "");
360+
/*
361+
Use an empty string instead of NULL.
362+
Alloc user and password on heap because mysql_reconnect()
363+
calls mysql_close() on success.
364+
*/
365+
mysql->user= my_strdup(user ? user : "", MYF(MY_WME));
366+
mysql->passwd= my_strdup(passwd ? passwd : "", MYF(MY_WME));
364367
mysql->db= 0;
365368

366369
rc= run_plugin_auth(mysql, 0, 0, 0, db);
@@ -378,12 +381,16 @@ my_bool STDCALL mysql_change_user(MYSQL *mysql, const char *user,
378381
my_free(saved_db);
379382

380383
/* alloc new connect information */
381-
mysql->user= my_strdup(mysql->user, MYF(MY_WME));
382-
mysql->passwd= my_strdup(mysql->passwd, MYF(MY_WME));
383384
mysql->db= db ? my_strdup(db, MYF(MY_WME)) : 0;
384385
}
385386
else
386387
{
388+
/* Free temporary connect information */
389+
my_free(mysql->user);
390+
my_free(mysql->passwd);
391+
my_free(mysql->db);
392+
393+
/* Restore saved state */
387394
mysql->charset= saved_cs;
388395
mysql->user= saved_user;
389396
mysql->passwd= saved_passwd;

sql-common/client.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2591,6 +2591,8 @@ static int send_client_reply_packet(MCPVIO_EXT *mpvio,
25912591
#endif /* HAVE_OPENSSL && !EMBEDDED_LIBRARY*/
25922592
if (mpvio->db)
25932593
mysql->client_flag|= CLIENT_CONNECT_WITH_DB;
2594+
else
2595+
mysql->client_flag&= ~CLIENT_CONNECT_WITH_DB;
25942596

25952597
/* Remove options that server doesn't support */
25962598
mysql->client_flag= mysql->client_flag &

0 commit comments

Comments
 (0)