| Bug #90165 | General purpose keyring function truncates binary data | ||
|---|---|---|---|
| Submitted: | 21 Mar 2018 15:33 | Modified: | 22 Mar 2018 11:19 |
| Reporter: | Norman Stevens | Email Updates: | |
| Status: | Verified | Impact on me: | |
| Category: | MySQL Server: Security: Encryption | Severity: | S3 (Non-critical) |
| Version: | 5.7.21 | OS: | Any |
| Assigned to: | CPU Architecture: | Any | |
[22 Mar 2018 11:19]
MySQL Verification Team
Hello Norman, Thank you for the report! Thanks, Umesh
Description: General purpose keyring function keyring_key_store truncates binary data. How to repeat: SELECT keyring_key_store('key_name', 'AES', unhex('c64c257bac156eb545ecb01b4527d3d8f5b5bdf11bbdafdd6023cb8c00c99ef6')); The key which is stored is truncated at the 28th byte. This is a null byte. Suggested fix: At line 243 of keyring_udf.cc the length is passed as strlen(args->args[2]) The code should use the length from the lengths value, i.e. args->lengths[2]