PS-4561: Read after free at Binlog_crypt_data::load_latest_binlog_key() #2468
Conversation
|
https://jenkins.percona.com/job/mysql-5.7-valgrind-param/97/ |
sql/binlog.cc
Outdated
| if (my_rand_buffer(nonce, sizeof(nonce))) | ||
| goto err; | ||
|
|
||
| // Check that after my_rand_buffer nonce does not contain all zeroes |
There was a problem hiding this comment.
I am not sure this check is useful: it's supposed to be an extremely rare occurrence. If it happens on a production server, debug check will not help, if it happens on a debug build, it's non-actionable. An option would be to generate a random not-zero byte and poke it somewhere, but this changes PRNG properties, and I'm not sure if for the better. What's the textbook standard way of dealing with this?
There was a problem hiding this comment.
I just wanted to be extra sure that after initializing nonce with 0 and then running my_rand_buffer on it - it for sure will be initialized with random bytes ... more like a sanity check. But when I look at it now I think I was bit over paranoid. I am OK with removing this check. Should I ? :)
There was a problem hiding this comment.
Yes, please remove
Removed access to system_key after it was freed. Also initliazed nonce to 0s.
robgolebiowski
force-pushed
the
5.7_PS-4561
branch
from
6e2753b to
77b404f
Compare
Removed access to system_key after it was freed. Also initliazed nonce
to 0s.