Bug #82868 xprotocol: don't drop the connection if you don't understand the message type
Submitted: 6 Sep 2016 8:38 Modified: 24 Jan 2017 14:20
Reporter: Simon Mudd (OCA) Email Updates:
Status: Closed Impact on me:
Category:MySQL Server: Document Store: X Plugin Severity:S3 (Non-critical)
Version:5.7.14 OS:Any
Assigned to: CPU Architecture:Any
Tags: xprotocol

[6 Sep 2016 8:38] Simon Mudd
I notice that if I send unknown message types to the server the current behaviour is to send an ERROR message of type HY000, with text 'Invalid message' back to the client. That’s fine.

However, you also drop the connection which is I think wrong.  (5.7.14)

How to repeat:
Send a message to the MySQL server running with the X protocol, with an "unknown message type" (look in the protobuf descriptions for one but message type 255 is not currently recognised).

See that you get back a message indicating the server did not understand the message but the connection is also dropped.

Suggested fix:
In my opinion the current behaviour is wrong as it prohibits new clients talking to old servers which don’t understand what’s being said.

My expectation here would be that the ERROR message is sent but the connection is maintained open. The client then knows the server does not understand the message and can potentially act accordingly, say falling back to using a different message type.

Think of something like the SMTP protocol and the use of EHLO rather than the HELO message which triggers extended SMTP functionality.

Please also add counters of "unknown message types" received from a client so that we can track potentially suspicious or at least unexpected messages. These counters should be kept at the session level (P_S.host_cache) and also global counters.
[8 Sep 2016 8:36] MySQL Verification Team
Hello Simon,

Thank you for the report and feedback!

[8 Sep 2016 8:38] MySQL Verification Team
Thanks to Jan for the one line reproducer:

ushastry@ubuntu1604lts:~/Downloads$  perl -e 'print("\x01\x00\x00\x00\xff" x 2)' | netcat 33060 | hd
00000000  1e 00 00 00 01 08 01 10  88 27 1a 0f 49 6e 76 61  |.........'..Inva|
00000010  6c 69 64 20 6d 65 73 73  61 67 65 22 05 48 59 30  |lid message".HY0|
00000020  30 30                                             |00|

-- excerpt from error log

2016-09-08T08:33:29.258986Z 0 [Note] Plugin mysqlx reported: '19: Invalid message -1 received during client initialization'
2016-09-08T08:33:29.259093Z 0 [Note] Plugin mysqlx reported: '19: ERROR reading from socket Bad file descriptor (9) 2'
[24 Jan 2017 14:20] Tony Bedford
Posted by developer:
An entry has been added to the 5.7.17 and 8.0.1 changelogs:

If the client sent an unknown message type to the server, the server would send back an error message and then disconnect the client.