diff --git a/cmake/do_abi_check.cmake b/cmake/do_abi_check.cmake index 02bf9fbe1fba3..408d05f71f06a 100644 --- a/cmake/do_abi_check.cmake +++ b/cmake/do_abi_check.cmake @@ -46,8 +46,8 @@ # leave a /abi_check.out file. # # A developer with a justified API change will then do a -# mv /abi_check.out include/mysql/plugin.pp -# to replace the old canons with the new ones. +# build of the target abi_update and verify the API change +# in the git difference is as intended. # SET(abi_check_out ${BINARY_DIR}/abi_check.out) @@ -65,7 +65,7 @@ FOREACH(file ${ABI_HEADERS}) ERROR_QUIET OUTPUT_FILE ${tmpfile}) EXECUTE_PROCESS( COMMAND sed -e "/^# /d" - -e "/^[ ]*$/d" + -e "/^[ ;]*$/d" -e "/^#pragma GCC set_debug_pwd/d" -e "/^#ident/d" RESULT_VARIABLE result OUTPUT_FILE ${abi_check_out} INPUT_FILE ${tmpfile}) diff --git a/include/mysql/plugin_audit.h.pp b/include/mysql/plugin_audit.h.pp index e06ebcab00955..03e876b70876b 100644 --- a/include/mysql/plugin_audit.h.pp +++ b/include/mysql/plugin_audit.h.pp @@ -59,7 +59,6 @@ int res1, res2; unsigned int d1, d2= *dlen; assert(*dlen >= slen); - assert((dst[*dlen - 1]= 1) == 1); if (src < dst) assert(src + slen <= dst); else diff --git a/include/mysql/plugin_auth.h.pp b/include/mysql/plugin_auth.h.pp index 79160f52a5be7..733e77624f02d 100644 --- a/include/mysql/plugin_auth.h.pp +++ b/include/mysql/plugin_auth.h.pp @@ -59,7 +59,6 @@ int res1, res2; unsigned int d1, d2= *dlen; assert(*dlen >= slen); - assert((dst[*dlen - 1]= 1) == 1); if (src < dst) assert(src + slen <= dst); else diff --git a/include/mysql/plugin_data_type.h.pp b/include/mysql/plugin_data_type.h.pp index 938bd8e077874..dbd2b0aaa7f4b 100644 --- a/include/mysql/plugin_data_type.h.pp +++ b/include/mysql/plugin_data_type.h.pp @@ -59,7 +59,6 @@ int res1, res2; unsigned int d1, d2= *dlen; assert(*dlen >= slen); - assert((dst[*dlen - 1]= 1) == 1); if (src < dst) assert(src + slen <= dst); else diff --git a/include/mysql/plugin_encryption.h.pp b/include/mysql/plugin_encryption.h.pp index d1e7682b3726c..361628cbcf57d 100644 --- a/include/mysql/plugin_encryption.h.pp +++ b/include/mysql/plugin_encryption.h.pp @@ -59,7 +59,6 @@ int res1, res2; unsigned int d1, d2= *dlen; assert(*dlen >= slen); - assert((dst[*dlen - 1]= 1) == 1); if (src < dst) assert(src + slen <= dst); else diff --git a/include/mysql/plugin_ftparser.h.pp b/include/mysql/plugin_ftparser.h.pp index dc7d1cbce8d81..48d836ea46512 100644 --- a/include/mysql/plugin_ftparser.h.pp +++ b/include/mysql/plugin_ftparser.h.pp @@ -59,7 +59,6 @@ int res1, res2; unsigned int d1, d2= *dlen; assert(*dlen >= slen); - assert((dst[*dlen - 1]= 1) == 1); if (src < dst) assert(src + slen <= dst); else diff --git a/include/mysql/plugin_function.h.pp b/include/mysql/plugin_function.h.pp index dad5d9bb274a6..0a78bf5818bee 100644 --- a/include/mysql/plugin_function.h.pp +++ b/include/mysql/plugin_function.h.pp @@ -59,7 +59,6 @@ int res1, res2; unsigned int d1, d2= *dlen; assert(*dlen >= slen); - assert((dst[*dlen - 1]= 1) == 1); if (src < dst) assert(src + slen <= dst); else diff --git a/include/mysql/plugin_password_validation.h.pp b/include/mysql/plugin_password_validation.h.pp index fdc5ecd13f89d..add4804f20483 100644 --- a/include/mysql/plugin_password_validation.h.pp +++ b/include/mysql/plugin_password_validation.h.pp @@ -59,7 +59,6 @@ int res1, res2; unsigned int d1, d2= *dlen; assert(*dlen >= slen); - assert((dst[*dlen - 1]= 1) == 1); if (src < dst) assert(src + slen <= dst); else diff --git a/include/mysql/service_encryption.h b/include/mysql/service_encryption.h index 8b1d963b4c601..4fdf223e76ffc 100644 --- a/include/mysql/service_encryption.h +++ b/include/mysql/service_encryption.h @@ -26,6 +26,11 @@ #ifndef MYSQL_ABI_CHECK #include +#ifdef __has_include +#if __has_include() +#include +#endif +#endif #ifdef _WIN32 #ifndef __cplusplus #define inline __inline @@ -33,6 +38,11 @@ #endif #endif +#ifndef MEM_UNDEFINED +#define MEM_UNDEFINED(addr, length) +#define MEM_CHECK_ADDRESSABLE(addr, length) +#endif + #ifdef __cplusplus extern "C" { #endif @@ -119,10 +129,16 @@ static inline int encryption_crypt(const unsigned char* src, unsigned int slen, int res1, res2; unsigned int d1, d2= *dlen; - // Verify dlen is initialized properly. See MDEV-30389 + /* Verify dlen is initialized properly. */ assert(*dlen >= slen); - assert((dst[*dlen - 1]= 1) == 1); - // Verify buffers do not overlap + /* ensure we're not leaking output */ + MEM_UNDEFINED(dst, *dlen); + /* inputs should be accessible */ + MEM_CHECK_ADDRESSABLE(src, slen); + MEM_CHECK_ADDRESSABLE(dst, *dlen); + MEM_CHECK_ADDRESSABLE(key, klen); + MEM_CHECK_ADDRESSABLE(iv, ivlen); + /* Verify buffers do not overlap */ if (src < dst) assert(src + slen <= dst); else