Bug #92954 | COM_CHANGE_USER command failed when client has CLIENT_CONNECT_ATTRS capability | ||
---|---|---|---|
Submitted: | 26 Oct 2018 7:40 | Modified: | 15 Nov 2018 13:36 |
Reporter: | andy zhang | Email Updates: | |
Status: | Verified | Impact on me: | |
Category: | MySQL Server: C API (client library) | Severity: | S3 (Non-critical) |
Version: | 5.6 and above | OS: | Any |
Assigned to: | CPU Architecture: | Any | |
Tags: | Com_change_user |
[26 Oct 2018 7:40]
andy zhang
[13 Nov 2018 13:20]
MySQL Verification Team
Hi, I can confirm that your analysis is correct and that character set 2-byte code is not skipped immediately. However, the pointer `ptr` is NOT used between the command for getting the character set and the assignment of the `client_plugin` pointer. Simply, pointer `ptr` is NOT used at all between the two lines. Hence, I do not see how can this be a bug ???
[15 Nov 2018 13:19]
andy zhang
Sinisa, Please look ahead for some more lines of code. Ptr will be referenced as the start of attributes string. The reason the problem was never exposed is that no case qualified mpvio->client_capabilities & CLIENT_CONNECT_ATTRS. But in our environment, our application entered the path. size_t bytes_remaining_in_packet= end - ptr; if ((mpvio->client_capabilities & CLIENT_CONNECT_ATTRS) && read_client_connect_attrs(&ptr, &bytes_remaining_in_packet, mpvio->charset_adapter->charset())) return packet_error;
[15 Nov 2018 13:36]
MySQL Verification Team
Hi, Unfortunately, I have to admit that this is a bug. In the function that you mention, `ptr` is supposed to point to the length and not to the character set code. Verified as reported.