This is an automated email from the ASF dual-hosted git repository.
morningman pushed a commit to branch branch-1.2-lts
in repository https://gitbox.apache.org/repos/asf/doris.git
commit aeeb12eb2b97fe5c9f9daa7ea1ec3e625cf5bfbc
Author: abmdocrt <yukang.lian2...@gmail.com>
AuthorDate: Wed Apr 5 08:42:41 2023 +0800
[fix](SSL) fix ssl connection buffer overflow (#18359)
---
.../java/org/apache/doris/mysql/MysqlChannel.java | 10 +-
.../suites/mysql_ssl_p0/test_ssl_wild.groovy | 102 +++++++++++++++++++++
2 files changed, 106 insertions(+), 6 deletions(-)
diff --git a/fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlChannel.java
b/fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlChannel.java
index 9e048a6556..5172b243bc 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlChannel.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlChannel.java
@@ -350,7 +350,7 @@ public class MysqlChannel {
}
protected void realNetSend(ByteBuffer buffer) throws IOException {
- encryptData(buffer);
+ buffer = encryptData(buffer);
long bufLen = buffer.remaining();
long writeLen = Channels.writeBlocking(conn.getSinkChannel(), buffer);
if (bufLen != writeLen) {
@@ -361,9 +361,9 @@ public class MysqlChannel {
isSend = true;
}
- protected void encryptData(ByteBuffer dstBuf) throws SSLException {
+ protected ByteBuffer encryptData(ByteBuffer dstBuf) throws SSLException {
if (!isSslMode) {
- return;
+ return dstBuf;
}
encryptNetData.clear();
while (true) {
@@ -373,9 +373,7 @@ public class MysqlChannel {
}
}
encryptNetData.flip();
- dstBuf.clear();
- dstBuf.put(encryptNetData);
- dstBuf.flip();
+ return encryptNetData;
}
public void flush() throws IOException {
diff --git a/regression-test/suites/mysql_ssl_p0/test_ssl_wild.groovy
b/regression-test/suites/mysql_ssl_p0/test_ssl_wild.groovy
new file mode 100644
index 0000000000..3e7147698c
--- /dev/null
+++ b/regression-test/suites/mysql_ssl_p0/test_ssl_wild.groovy
@@ -0,0 +1,102 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+suite("test_ssl_wild") {
+ def tbName = "tb_test_ssl_wild"
+ int test_count = 20;
+ sql "DROP TABLE IF EXISTS ${tbName}"
+ // char not null to null
+ sql """
+ CREATE TABLE IF NOT EXISTS ${tbName} (
+ col1 bigint(20) NULL,
+ col2 bigint(20) NULL,
+ col3 text NULL,
+ col4 text NULL,
+ col5 text NULL,
+ col6 text NULL,
+ col7 text NULL,
+ col8 text NULL,
+ col9 text NULL,
+ col10 text NULL,
+ col11 text NULL,
+ col12 text NULL,
+ col13 text NULL,
+ col14 text NULL,
+ col15 text NULL,
+ col16 text NULL,
+ col17 text NULL,
+ col18 text NULL,
+ col19 text NULL,
+ col20 text NULL,
+ col21 text NULL,
+ col22 text NULL,
+ col23 text NULL,
+ col24 int(11) NULL,
+ col25 decimal(22, 2) NULL,
+ col26 decimal(22, 4) NULL,
+ col27 decimal(16, 8) NULL,
+ col28 decimal(16, 8) NULL,
+ col29 decimal(16, 2) NULL,
+ col30 decimal(16, 2) NULL,
+ col31 decimal(16, 2) NULL,
+ col32 decimal(16, 2) NULL,
+ col33 decimal(16, 2) NULL,
+ col34 decimal(16, 2) NULL,
+ col35 decimal(16, 2) NULL,
+ col36 decimal(16, 2) NULL,
+ col37 decimal(16, 2) NULL,
+ col38 decimal(16, 2) NULL,
+ col39 decimal(16, 2) NULL,
+ col40 decimal(16, 2) NULL,
+ col41 decimal(16, 2) NULL,
+ col42 decimal(16, 2) NULL,
+ col43 decimal(16, 2) NULL,
+ col44 decimal(16, 2) NULL,
+ col45 decimal(16, 2) NULL,
+ col46 decimal(16, 2) NULL,
+ col47 int(11) NULL,
+ col48 decimal(16, 2) NULL,
+ col49 decimal(22, 2) NULL,
+ col50 decimal(22, 2) NULL,
+ col51 decimal(22, 2) NULL,
+ col52 decimal(22, 2) NULL,
+ col53 decimal(16, 2) NULL,
+ col54 int(11) NULL,
+ col55 int(11) NULL,
+ col56 text NULL,
+ col57 text NULL,
+ col58 text NULL,
+ col59 text NULL,
+ col60 text NULL,
+ col61 decimal(22, 6) NULL,
+ col62 text NULL,
+ col63 text NULL,
+ col64 text NULL,
+ col65 text NULL,
+ col66 int(11) NULL
+ ) ENGINE=OLAP
+ DISTRIBUTED BY HASH(col1) BUCKETS 10
+ properties("replication_num" = "1");
+ """
+ sql """insert into ${tbName}(col1) values(1) """
+ while (test_count-- > 1) {
+ StringBuilder insertCommand = new StringBuilder();
+ insertCommand.append("INSERT INTO ${tbName} select * from ${tbName}");
+ sql insertCommand.toString()
+ }
+ sql """select * from ${tbName}"""
+}
\ No newline at end of file
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org
For additional commands, e-mail: commits-h...@doris.apache.org
