Merge 5.5 into 10.0

MariaDB · Mar 20, 2018 · 0492100 · 0492100
2 parents e3dd9a9 + 69bc3c1
commit 0492100
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 0 deletions.
diff --git a/extra/yassl/src/handshake.cpp b/extra/yassl/src/handshake.cpp
@@ -788,6 +788,16 @@ int DoProcessReply(SSL& ssl)
             needHdr = true;
         else {
             buffer >> hdr;
+            /*
+              According to RFC 4346 (see "7.4.1.3. Server Hello"), the Server Hello
+              packet needs to specify the highest supported TLS version, but not
+              higher than what client requests. YaSSL highest supported version is
+              TLSv1.1 (=3.2) - if the client requests a higher version, downgrade it
+              here to 3.2.
+              See also Appendix E of RFC 5246 (TLS 1.2)
+            */
+            if (hdr.version_.major_ == 3 && hdr.version_.minor_ > 2)
+              hdr.version_.minor_ = 2;
             ssl.verifyState(hdr);
         }
 

diff --git a/include/my_valgrind.h b/include/my_valgrind.h
@@ -35,6 +35,8 @@
 # define MEM_CHECK_DEFINED(a,len) VALGRIND_CHECK_MEM_IS_DEFINED(a,len)
 #elif defined(__SANITIZE_ADDRESS__)
 # include <sanitizer/asan_interface.h>
+/* How to do manual poisoning:
+https://github.com/google/sanitizers/wiki/AddressSanitizerManualPoisoning */
 # define MEM_UNDEFINED(a,len) ASAN_UNPOISON_MEMORY_REGION(a,len)
 # define MEM_NOACCESS(a,len) ASAN_POISON_MEMORY_REGION(a,len)
 # define MEM_CHECK_ADDRESSABLE(a,len) ((void) 0)

diff --git a/storage/innobase/mem/mem0mem.cc b/storage/innobase/mem/mem0mem.cc
@@ -406,6 +406,11 @@ mem_heap_create_block_func(
 		heap->total_size += len;
 	}
 
+	/* Poison all available memory. Individual chunks will be unpoisoned on
+	every mem_heap_alloc() call. */
+	compile_time_assert(MEM_BLOCK_HEADER_SIZE >= sizeof *block);
+	UNIV_MEM_FREE(block + 1, len - sizeof *block);
+
 	ut_ad((ulint)MEM_BLOCK_HEADER_SIZE < len);
 
 	return(block);

diff --git a/storage/xtradb/mem/mem0mem.cc b/storage/xtradb/mem/mem0mem.cc
@@ -406,6 +406,11 @@ mem_heap_create_block_func(
 		heap->total_size += len;
 	}
 
+	/* Poison all available memory. Individual chunks will be unpoisoned on
+	every mem_heap_alloc() call. */
+	compile_time_assert(MEM_BLOCK_HEADER_SIZE >= sizeof *block);
+	UNIV_MEM_FREE(block + 1, len - sizeof *block);
+
 	ut_ad((ulint)MEM_BLOCK_HEADER_SIZE < len);
 
 	return(block);