From 72aefea1ed08a602aaaaef9dd61d76c320f1cb74 Mon Sep 17 00:00:00 2001 From: Rahim Kanji Date: Tue, 22 Oct 2024 15:23:40 +0500 Subject: [PATCH 1/3] Fixed crash caused by sending single semicolon (;) on admin interface --- lib/ProxySQL_Admin.cpp | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/ProxySQL_Admin.cpp b/lib/ProxySQL_Admin.cpp index f80826327..4b3c3b770 100644 --- a/lib/ProxySQL_Admin.cpp +++ b/lib/ProxySQL_Admin.cpp @@ -3761,12 +3761,20 @@ void admin_session_handler(MySQL_Session *sess, void *_pa, PtrSize_t *pkt) { if (query_no_space_length) { // fix bug #925 - while (query_no_space[query_no_space_length-1]==';' || query_no_space[query_no_space_length-1]==' ') { + while (query_no_space_length && + (query_no_space[query_no_space_length-1]==';' || query_no_space[query_no_space_length-1]==' ')) { query_no_space_length--; query_no_space[query_no_space_length]=0; } } + if (query_no_space_length == 0) { + proxy_warning("Empty query\n"); + SPA->send_MySQL_ERR(&sess->client_myds->myprot, (char*)"Empty query"); + run_query = false; + goto __run_query; + } + // add global mutex, see bug #1188 pthread_mutex_lock(&pa->sql_query_global_mutex); From 4f67794ee86502754a640118334059fcb6ef7d6b Mon Sep 17 00:00:00 2001 From: Rahim Kanji Date: Tue, 22 Oct 2024 15:24:05 +0500 Subject: [PATCH 2/3] Added TAP test --- ...mysql-reg_test_4716_single_semicolon-t.cpp | 64 +++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 test/tap/tests/mysql-reg_test_4716_single_semicolon-t.cpp diff --git a/test/tap/tests/mysql-reg_test_4716_single_semicolon-t.cpp b/test/tap/tests/mysql-reg_test_4716_single_semicolon-t.cpp new file mode 100644 index 000000000..c167b8f34 --- /dev/null +++ b/test/tap/tests/mysql-reg_test_4716_single_semicolon-t.cpp @@ -0,0 +1,64 @@ + /** + * @file mysql-reg_test_4716_single_semicolon-t.cpp + * @brief This test aims to verify that ProxySQL handles a lone semicolon (;) input + * crashing. The expected behavior is for ProxySQL to either ignore the input or return an + * appropriate error message, rather than crashing or becoming unresponsive. + */ + +#include +#include + +#include "mysql.h" +#include "command_line.h" +#include "tap.h" +#include "utils.h" + +CommandLine cl; + +enum ConnType { + ADMIN, + BACKEND +}; + +int main(int argc, char** argv) { + + std::vector queries = { ";", " ", "", "; ", " ;" }; + + plan(queries.size() + 1); // Total number of tests planned + + if (cl.getEnv()) + return exit_status(); + + // Initialize Admin connection + MYSQL* proxysql_admin = mysql_init(NULL); + if (!proxysql_admin) { + fprintf(stderr, "File %s, line %d, Error: %s\n", __FILE__, __LINE__, mysql_error(proxysql_admin)); + return -1; + } + + // Connnect to ProxySQL Admin + if (!mysql_real_connect(proxysql_admin, cl.host, cl.admin_username, cl.admin_password, NULL, cl.admin_port, NULL, 0)) { + fprintf(stderr, "File %s, line %d, Error: %s\n", __FILE__, __LINE__, mysql_error(proxysql_admin)); + return -1; + } + + for (const char* query : queries) { + MYSQL_QUERY_err(proxysql_admin, query); + const int _errorno = mysql_errno(proxysql_admin); + ok(_errorno > 0, "Error Code:%d, Message:%s", _errorno, mysql_error(proxysql_admin)); + } + + // Test a valid query to ensure the connection is working + if (mysql_query(proxysql_admin, "SELECT 1") == 0) { + MYSQL_RES* res = mysql_store_result(proxysql_admin); + ok(res != nullptr, "Query executed successfully. %s", mysql_error(proxysql_admin)); + mysql_free_result(res); + } + else { + ok(false, "Error executing query. %s", mysql_error(proxysql_admin)); + } + + mysql_close(proxysql_admin); + + return exit_status(); +} From b84e0a6361261ac7b7bad8e736b17a807731ce6a Mon Sep 17 00:00:00 2001 From: Rahim Kanji Date: Tue, 29 Oct 2024 12:35:29 +0500 Subject: [PATCH 3/3] Fixed admin port --- test/tap/tests/mysql-reg_test_4716_single_semicolon-t.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/tap/tests/mysql-reg_test_4716_single_semicolon-t.cpp b/test/tap/tests/mysql-reg_test_4716_single_semicolon-t.cpp index c167b8f34..116debe36 100644 --- a/test/tap/tests/mysql-reg_test_4716_single_semicolon-t.cpp +++ b/test/tap/tests/mysql-reg_test_4716_single_semicolon-t.cpp @@ -37,7 +37,7 @@ int main(int argc, char** argv) { } // Connnect to ProxySQL Admin - if (!mysql_real_connect(proxysql_admin, cl.host, cl.admin_username, cl.admin_password, NULL, cl.admin_port, NULL, 0)) { + if (!mysql_real_connect(proxysql_admin, cl.admin_host, cl.admin_username, cl.admin_password, NULL, cl.admin_port, NULL, 0)) { fprintf(stderr, "File %s, line %d, Error: %s\n", __FILE__, __LINE__, mysql_error(proxysql_admin)); return -1; }