MySQL Bugs: #106606: add function sql_real

Bug #106606	add function sql_real_connect parameters
Submitted:	1 Mar 2022 6:54	Modified:	2 Mar 2022 14:14
Reporter:	bin wang (OCA)	Email Updates:
Status:	Not a Bug	Impact on me:	None
Category:	MySQL Server: Command-line Clients	Severity:	S3 (Non-critical)
Version:		OS:	Any
Assigned to:		CPU Architecture:	Any

Description:
mysql-8.0.28\client\mysql.cc\sql_real_connect.cc
have a parameter lack of name 
static int sql_real_connect(char *host, char *database, char *user, char *,
                            uint silent) {

How to repeat:
add variable  password in the function   would be better
static int sql_real_connect(char *host, char *database, char *user, char * , uint silent) {
..................
    ret = mysql_real_connect_dns_srv(&mysql, dns_srv_name, user, nullptr,
                                     database,
                                     connect_flag | CLIENT_MULTI_STATEMENTS);
..................
    ret = mysql_real_connect(&mysql, host, user, nullptr, database,
                             opt_mysql_port, opt_mysql_unix_port,
                             connect_flag | CLIENT_MULTI_STATEMENTS);
..................

Suggested fix:
 
-static int sql_real_connect(char *host, char *database, char *user, char *password,
+static int sql_real_connect(char *host, char *database, char *user, char *,
                             uint silent) {
..............
-    ret = mysql_real_connect_dns_srv(&mysql, dns_srv_name, user, passeord,
+    ret = mysql_real_connect_dns_srv(&mysql, dns_srv_name, user, nullptr,
                                      database,
                                      connect_flag | CLIENT_MULTI_STATEMENTS);
   else
-    ret = mysql_real_connect(&mysql, host, user, password, database,
+    ret = mysql_real_connect(&mysql, host, user, nullptr, database,
                              opt_mysql_port, opt_mysql_unix_port,
                              connect_flag | CLIENT_MULTI_STATEMENTS);
......................

suggested add patch

Attachment: mysql.patch (application/octet-stream, text), 1.13 KiB.

Bug #106607 marked as duplicate of this one

ok, Suggested fix: is
+static int sql_real_connect(char *host, char *database, char *user, char *password,
                             uint silent) {
   if (connected) {
     connected = false;
@@ -4525,11 +4525,11 @@ static int sql_real_connect(char *host,
 #endif
   MYSQL *ret;
   if (dns_srv_name)
-    ret = mysql_real_connect_dns_srv(&mysql, dns_srv_name, user, nullptr,
+    ret = mysql_real_connect_dns_srv(&mysql, dns_srv_name, user, passeord,
                                      database,
                                      connect_flag | CLIENT_MULTI_STATEMENTS);
   else
-    ret = mysql_real_connect(&mysql, host, user, nullptr, database,
+    ret = mysql_real_connect(&mysql, host, user, password, database,
                              opt_mysql_port, opt_mysql_unix_port,
                              connect_flag | CLIENT_MULTI_STATEMENTS);
   if (!ret) {

this a error in the beforesuggested add patch is

Attachment: mysql.patch (application/octet-stream, text), 1.13 KiB.

Hi Mr. wang,

Thank you for your bug report. Thank you, even more, for your patch.

However, we do not see any value in changing `nullptr` to `password` for the parameter that is not used at all. Instead, it would be better to notify compiler that this parameter is not used in this function , at all.

Hence, we truly do not see what would be the benefit by applying your patch.

We are waiting on your feedback.

Hi Mr. wang,

That particular parameter should remain a NULL pointer, because the real function that is used to login to the server gets its password through some completely different context .......

That is why we shall set this report as "Not a bug", unless you come with some better option of obtaining the password in the secure manner.

This turns out not to be a bug, since password is acquired by a totally separate set of functions.

Not a bug.