MySQL Bugs: #108511: Return value of mysql_audit_acquire

Bug #108511	Return value of mysql_audit_acquire_plugins() not get checked
Submitted:	16 Sep 2022 0:43	Modified:	16 Sep 2022 5:41
Reporter:	Li Zhong	Email Updates:
Status:	Verified	Impact on me:	None
Category:	MySQL Server: Security: Audit	Severity:	S2 (Serious)
Version:	8.0.21	OS:	Any
Assigned to:		CPU Architecture:	Any

View
Add Comment
Files
Developer
Edit Submission
View Progress Log
Contributions

Description:
In https://github.com/mysql/mysql-server/blob/f8cdce86448a211511e8a039c62580ae16cb96f5/sql/sq... and https://github.com/mysql/mysql-server/blob/f8cdce86448a211511e8a039c62580ae16cb96f5/sql/sq..., mysql_audit_acquire_plugins() could return error. But now it's unchecked.

How to repeat:
We find this by our static analysis tool. The analysis result is checked manually.

Suggested fix:
Add the checks:

if (mysql_audit_acquire_plugins(thd, MYSQL_AUDIT_GENERAL_CLASS,
                              MYSQL_AUDIT_GENERAL_ALL))
  return true;

Hello Li Zhong,

Thank you for the report and feedback.

regards,
Umesh