Bug #59823 AES_DECRYPT returns junk on null blob
Submitted: 30 Jan 2011 18:07 Modified: 28 Feb 2011 18:33
Reporter: John Baxter Email Updates:
Status: No Feedback Impact on me:
None 
Category:MySQL Server Severity:S2 (Serious)
Version:5.1.41 OS:Any
Assigned to: CPU Architecture:Any
Tags: AES_DECRYPT

[30 Jan 2011 18:07] John Baxter 
Description:
I have an innodb table. One of the columns is a blob.  Even if the blob is null, I can get it to return junk, ONLY if I uses a special sequence of characters, some variations on the sequence produce similar result. But usually if you change only one letter in the sequence you get what you are supposed to , NULL.

How to repeat:
SELECT AES_DECRYPT('colum1','15061983Pha9perUaE2RujESwa9eTa955rbpes5Du3eyuthATrEpRef')  FROM table WHERE id= 1

WHAT I GET FROM A NULL COLUMN
3!6rWJ)���L�.�

Suggested fix:
if  the field is null, it should always return null. It seems that inside aes_decrypt there is not check for null, before doinbg the actual decryption.
[30 Jan 2011 18:33] Valeriy Kravchuk 
Please, check with a newer version, 5.1.54:

mysql> select aes_decrypt(NULL, '15061983Pha9perUaE2RujESwa9eTa955rbpes5Du3eyuthATrEpRef')
    -> ;
+------------------------------------------------------------------------------+
| aes_decrypt(NULL, '15061983Pha9perUaE2RujESwa9eTa955rbpes5Du3eyuthATrEpRef') |
+------------------------------------------------------------------------------+
| NULL                                                                         |
+------------------------------------------------------------------------------+
1 row in set (0.00 sec)

mysql> select version();
+--------------+
| version()    |
+--------------+
| 5.1.56-debug |
+--------------+
1 row in set (0.00 sec)
[1 Mar 2011 0:00] Bugs System 
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".