archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 21:48:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Don't use VLA in mysqlnd auth

Browse source 
We use alloca instead of VLA. This should also allow building
this code on Windows.
This commit is contained in:
Nikita Popov 2020-02-18 16:17:34 +01:00
parent f6fcc5c353
commit 9d31a42a30
3 changed files with 8 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

10
ext/mysqlnd/mysqlnd_auth.c
View file

@ -806,7 +806,8 @@ mysqlnd_sha256_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self
if (server_public_key) {
int server_public_key_len;
char xor_str[passwd_len + 1];
ALLOCA_FLAG(use_heap);
char *xor_str = do_alloca(passwd_len + 1, use_heap);
memcpy(xor_str, passwd, passwd_len);
xor_str[passwd_len] = '\0';
mysqlnd_xor_string(xor_str, passwd_len, (char *) auth_plugin_data, auth_plugin_data_len);
@ -819,6 +820,7 @@ mysqlnd_sha256_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self
*/
if ((size_t) server_public_key_len - 41 <= passwd_len) {
/* password message is to long */
free_alloca(xor_str, use_heap);
SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long");
DBG_ERR("password is too long");
DBG_RETURN(NULL);
@ -828,6 +830,7 @@ mysqlnd_sha256_auth_get_auth_data(struct st_mysqlnd_authentication_plugin * self
ret = malloc(*auth_data_len);
RSA_public_encrypt(passwd_len + 1, (zend_uchar *) xor_str, ret, server_public_key, RSA_PKCS1_OAEP_PADDING);
RSA_free(server_public_key);
free_alloca(xor_str, use_heap);
}
}
@ -1025,7 +1028,8 @@ mysqlnd_caching_sha2_get_and_use_key(MYSQLND_CONN_DATA *conn,
if (server_public_key) {
int server_public_key_len;
char xor_str[passwd_len + 1];
ALLOCA_FLAG(use_heap)
char *xor_str = do_alloca(passwd_len + 1, use_heap);
memcpy(xor_str, passwd, passwd_len);
xor_str[passwd_len] = '\0';
mysqlnd_xor_string(xor_str, passwd_len, (char *) auth_plugin_data, SCRAMBLE_LENGTH);
@ -1038,6 +1042,7 @@ mysqlnd_caching_sha2_get_and_use_key(MYSQLND_CONN_DATA *conn,
*/
if ((size_t) server_public_key_len - 41 <= passwd_len) {
/* password message is to long */
free_alloca(xor_str, use_heap);
SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, "password is too long");
DBG_ERR("password is too long");
DBG_RETURN(0);
@ -1045,6 +1050,7 @@ mysqlnd_caching_sha2_get_and_use_key(MYSQLND_CONN_DATA *conn,
*crypted = emalloc(server_public_key_len);
RSA_public_encrypt(passwd_len + 1, (zend_uchar *) xor_str, *crypted, server_public_key, RSA_PKCS1_OAEP_PADDING);
free_alloca(xor_str, use_heap);
DBG_RETURN(server_public_key_len);
}
DBG_RETURN(0);