Bug #112359 Suspicious 'if' condition in get_current_user()
Submitted: 15 Sep 2023 12:42
Modified: 19 Sep 2023 6:30
Reporter: Kamil Holubicki (OCA)
Status: Verified
Category: MySQL Server: Security: Roles
Severity: S3 (Non-critical)
Version: 8.0.34
OS: Any
Assigned to:
CPU Architecture: Any

[15 Sep 2023 12:42] Kamil Holubicki
Description:
During code analysis, I've found this suspicious 'if' condition:

https://github.com/mysql/mysql-server/blob/ea1efa9822d81044b726aab20c857d5e1b7e046a/sql/sq...

if (!user || !user->user.str)  // current_user
{
   .....
   user->...
   .....
}

How to repeat:
I don't have any test case showing that the nullptr dereference can be hit; probably all invocations of the method pass a valid user pointer, so the first part of the condition always evaluates to false and then it is safe to dereference, but anyway it doesn't look good...

Suggested fix:
if (user && !user->user.str)  // current_user

[19 Sep 2023 6:30] MySQL Verification Team
Hello Kamil,

Thank you for the report and feedback.

regards,
Umesh
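
The condition discussed in this report, as an added example that is not part of the original thread or of MySQL's code: a minimal C++ model comparing which inputs reach the branch body under the quoted condition and under the suggested one. The `Str` and `User` structs, the `Outcome` enum and the sample name `app_user` are hypothetical stand-ins that mirror only the `user->user.str` access shown above.

```cpp
// Added illustration; types and names are hypothetical, not MySQL's definitions.
#include <cstdio>

struct Str { const char *str; };
struct User { Str user; };  // models only the user->user.str access

enum class Outcome { BranchSkipped, BranchTaken, NullDeref };

// Condition as quoted in the report. A null `user` satisfies the first
// operand, so the body, which goes on to use `user->...`, is entered with a
// null pointer. The model reports that instead of actually faulting.
Outcome original_check(const User *user) {
  if (!user || !user->user.str) {
    if (!user) return Outcome::NullDeref;  // body's user->... would fault here
    return Outcome::BranchTaken;
  }
  return Outcome::BranchSkipped;
}

// Condition from the "Suggested fix". The body is entered only when `user`
// is non-null and its name is unset, so every access inside it is safe.
Outcome suggested_check(const User *user) {
  if (user && !user->user.str) {
    return Outcome::BranchTaken;
  }
  return Outcome::BranchSkipped;
}

const char *name(Outcome o) {
  switch (o) {
    case Outcome::BranchSkipped: return "branch skipped";
    case Outcome::BranchTaken:   return "branch taken";
    default:                     return "NULL DEREFERENCE in branch body";
  }
}

int main() {
  User unnamed{{nullptr}};     // constructed sample: user present, name unset
  User named{{"app_user"}};    // constructed sample: user present, name set
  const User *cases[] = {nullptr, &unnamed, &named};
  const char *labels[] = {"user == nullptr", "user->user.str == nullptr",
                          "user->user.str set"};
  for (int i = 0; i < 3; ++i) {
    std::printf("%-28s original: %-34s suggested: %s\n", labels[i],
                name(original_check(cases[i])), name(suggested_check(cases[i])));
  }
  return 0;
}
```

With the suggested condition a null `user` skips the branch entirely, so any code following the branch still needs its own null guard before touching `user`.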