auth: fix CheckScrambledPassword() panic for invalid input by tiancaiamao · Pull Request #1197 · pingcap/parser

tiancaiamao · 2021-03-24T09:19:08Z

What problem does this PR solve?

What is changed and how it works?

The input data may be invalid, but calling CheckScrambledPassword() on malformed data should not make TiDB server panic.

Check List

Tests

Unit test

Related changes

Need to cherry-pick to the release branch
Need to update the documentation
Need to be included in the release note

tiancaiamao · 2021-03-24T09:23:55Z

The malformed data maybe related to pingcap/tidb#19603, maybe we are not resolving the protocol correctly, but I have no clue.

PTAL @djshow832 @morgo

kennytm · 2021-03-24T09:32:37Z

/lgtm

djshow832

Add some test cases?

tiancaiamao · 2021-03-24T10:03:43Z

Add some test cases?

https://github.com/pingcap/parser/pull/1197/files#diff-b06746870e62f95017714121be6134cffdc4bd1d46dd21f8cae8c484e3e2829dR47-R49 That's all for it.

djshow832 · 2021-03-24T10:24:48Z

auth/auth.go

 	terror.Log(errors.Trace(err))
 	hash := crypt.Sum(nil)
 	// token = scrambleHash XOR stage1Hash
+	if len(auth) != len(hash) {


Is it possible that len(auth) > len(hash)?

It doesn't matter, as long as len(auth) != len(hash) the input is invalid.

djshow832 · 2021-03-24T13:44:26Z

/lgtm

djshow832 · 2021-03-24T13:49:51Z

/merge

ti-srebot · 2021-03-24T13:52:07Z

/run-all-tests

ti-srebot · 2021-03-24T14:34:07Z

@tiancaiamao merge failed.

morgo · 2021-03-24T15:37:47Z

The malformed data maybe related to pingcap/tidb#19603, maybe we are not resolving the protocol correctly, but I have no clue.

PTAL @djshow832 @morgo

I took a look. The authSwitchRequest is relatively self contained unless the resp.AuthPlugin is caching_sha2_password (it doesn't attempt to authSwitch for any other plugins, even though it could). Do you know if it is a client attempting to use MySQL 8.0 auth?

There are other authentication plugins besides caching_sha2_password OR mysql_native_password that clients could attempt to use too, and it's also entirely possible it is a connector that doesn't speak the protocol correctly.

morgo · 2021-03-24T15:39:00Z

/run-all-tests

kennytm · 2021-03-24T19:09:26Z

I think we should just get rid of the integration test. The TiDB is always lagging behind making it almost always failing and impossible to use "/merge".

ti-srebot · 2021-03-25T03:29:38Z

cherry pick to release-5.0 failed

tiancaiamao · 2021-03-25T03:49:16Z

I took a look. The authSwitchRequest is relatively self contained unless the resp.AuthPlugin is caching_sha2_password (it doesn't attempt to authSwitch for any other plugins, even though it could). Do you know if it is a client attempting to use MySQL 8.0 auth?

There are other authentication plugins besides caching_sha2_password OR mysql_native_password that clients could attempt to use too, and it's also entirely possible it is a connector that doesn't speak the protocol correctly.

Yup, I've said I have no clue. I'm not sure how that happen and what trigger the malformed input.
We need more feedback from the user.

) * auth: fix CheckScrambledPassword() panic for invalid input * fix CI Co-authored-by: ti-srebot <[email protected]>

…1199) * auth: fix CheckScrambledPassword() panic for invalid input * fix CI Co-authored-by: ti-srebot <[email protected]> Co-authored-by: ti-srebot <[email protected]>

…1200) * auth: fix CheckScrambledPassword() panic for invalid input * fix CI Co-authored-by: ti-srebot <[email protected]> Co-authored-by: ti-srebot <[email protected]>

) * auth: fix CheckScrambledPassword() panic for invalid input * fix CI Co-authored-by: ti-srebot <[email protected]>

tiancaiamao added 2 commits March 24, 2021 17:15

auth: fix CheckScrambledPassword() panic for invalid input

bdce4d8

fix CI

9ec1c4a

ti-srebot added the status/LGT1 LGT1 label Mar 24, 2021

djshow832 reviewed Mar 24, 2021

View reviewed changes

ti-srebot removed the status/LGT1 LGT1 label Mar 24, 2021

ti-srebot approved these changes Mar 24, 2021

View reviewed changes

ti-srebot added the status/LGT2 LGT2 label Mar 24, 2021

ti-srebot added the status/can-merge label Mar 24, 2021

Merge branch 'master' into fix-panic

42ed463

kennytm merged commit ab6d0f2 into pingcap:master Mar 24, 2021

bb7133 added the needs-cherry-pick-release-5.0 label Mar 25, 2021

tiancaiamao deleted the fix-panic branch March 25, 2021 03:45

tiancaiamao mentioned this pull request Mar 25, 2021

go.mod: update parser to fix panic on connection verification pingcap/tidb#23532

Merged

This was referenced Mar 25, 2021

auth: fix CheckScrambledPassword() panic for invalid input (#1197) #1199

Merged

auth: fix CheckScrambledPassword() panic for invalid input (#1197) #1200

Merged

tiancaiamao mentioned this pull request Jun 1, 2021

Caching sha2 #1232

Merged

Conversation

tiancaiamao commented Mar 24, 2021

What problem does this PR solve?

What is changed and how it works?

Check List

Uh oh!

tiancaiamao commented Mar 24, 2021

Uh oh!

kennytm commented Mar 24, 2021

Uh oh!

djshow832 left a comment

Choose a reason for hiding this comment

Uh oh!

tiancaiamao commented Mar 24, 2021

Uh oh!

djshow832 Mar 24, 2021

Choose a reason for hiding this comment

Uh oh!

tiancaiamao Mar 24, 2021

Choose a reason for hiding this comment

Uh oh!

djshow832 commented Mar 24, 2021

Uh oh!

djshow832 commented Mar 24, 2021

Uh oh!

ti-srebot commented Mar 24, 2021

Uh oh!

ti-srebot commented Mar 24, 2021

Uh oh!

morgo commented Mar 24, 2021

Uh oh!

morgo commented Mar 24, 2021

Uh oh!

kennytm commented Mar 24, 2021

Uh oh!

ti-srebot commented Mar 25, 2021

Uh oh!

tiancaiamao commented Mar 25, 2021

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants