Skip to content
Permalink
Browse files

Update WolfSSL, remove older workarounds.

  • Loading branch information...
vaintroub authored and Oleksandr Byelkin committed Jul 26, 2019
1 parent 2792c6e commit f61a98068695994bcfddc1146e7744f50296f9b9
@@ -40,10 +40,6 @@ INCLUDE_DIRECTORIES(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl)
IF(MSVC)
# size_t to long truncation warning
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -wd4267 -wd4334")
IF(CMAKE_C_COMPILER_ID MATCHES Clang)
# Workaround a bug with clang-cl, see https://github.com/wolfSSL/wolfssl/pull/2090
ADD_DEFINITIONS(-DMP_16BIT)
ENDIF()
ENDIF()

ADD_CONVENIENCE_LIBRARY(wolfssl ${WOLFSSL_SOURCES})
Submodule wolfssl updated 185 files
@@ -88,24 +88,8 @@ class MyCTX
}
virtual int finish(uchar *dst, uint *dlen)
{
#ifdef HAVE_WOLFSSL
/*
Bug in WolfSSL - sometimes EVP_CipherFinal_ex
returns success without setting destination length
when it should return error.
We catch it by presetting invalid value for length,
and checking if it has changed after the call.
See https://github.com/wolfSSL/wolfssl/issues/2224
*/
*dlen= UINT_MAX;
#endif
if (EVP_CipherFinal_ex(ctx, dst, (int*)dlen) != 1)
return MY_AES_BAD_DATA;
#ifdef HAVE_WOLFSSL
if (*dlen == UINT_MAX)
return MY_AES_BAD_DATA;
#endif
return MY_AES_OK;
}
};
@@ -41,12 +41,6 @@ my_bool srv_encrypt_log;

struct aes_block_t {
byte bytes[MY_AES_BLOCK_SIZE];
#ifdef HAVE_WOLFSSL
// Workaround for MDEV-19582.
// WolfSSL reads memory out of bounds with decrypt/NOPAD
// Pad the structure to workaround
byte pad[MY_AES_BLOCK_SIZE];
#endif
};

struct crypt_info_t {
@@ -42,14 +42,6 @@ Created 2011-05-26 Marko Makela
#include <algorithm>
#include <map>

#ifdef HAVE_WOLFSSL
// Workaround for MDEV-19582
// (WolfSSL reads memory out of bounds with decryption/NOPAD)
#define WOLFSSL_PAD_SIZE MY_AES_BLOCK_SIZE
#else
#define WOLFSSL_PAD_SIZE 0
#endif

Atomic_counter<ulint> onlineddl_rowlog_rows;
ulint onlineddl_rowlog_pct_used;
ulint onlineddl_pct_progress;
@@ -301,7 +293,7 @@ row_log_block_allocate(
);

log_buf.block = ut_allocator<byte>(mem_key_row_log_buf)
.allocate_large(srv_sort_buf_size + WOLFSSL_PAD_SIZE,
.allocate_large(srv_sort_buf_size,
&log_buf.block_pfx);

if (log_buf.block == NULL) {
@@ -323,7 +315,7 @@ row_log_block_free(
if (log_buf.block != NULL) {
ut_allocator<byte>(mem_key_row_log_buf).deallocate_large(
log_buf.block, &log_buf.block_pfx,
log_buf.size + WOLFSSL_PAD_SIZE);
log_buf.size);
log_buf.block = NULL;
}
DBUG_VOID_RETURN;
@@ -3239,7 +3231,7 @@ row_log_allocate(
index->online_log = log;

if (log_tmp_is_encrypted()) {
ulint size = srv_sort_buf_size + WOLFSSL_PAD_SIZE;
ulint size = srv_sort_buf_size;
log->crypt_head = static_cast<byte *>(os_mem_alloc_large(&size));
log->crypt_tail = static_cast<byte *>(os_mem_alloc_large(&size));

@@ -3273,13 +3265,11 @@ row_log_free(
row_merge_file_destroy_low(log->fd);

if (log->crypt_head) {
os_mem_free_large(log->crypt_head, srv_sort_buf_size
+ WOLFSSL_PAD_SIZE);
os_mem_free_large(log->crypt_head, srv_sort_buf_size);
}

if (log->crypt_tail) {
os_mem_free_large(log->crypt_tail, srv_sort_buf_size
+ WOLFSSL_PAD_SIZE);
os_mem_free_large(log->crypt_tail, srv_sort_buf_size);
}

mutex_free(&log->mutex);
@@ -54,14 +54,6 @@ Completed by Sunny Bains and Marko Makela
# define posix_fadvise(fd, offset, len, advice) /* nothing */
#endif /* _WIN32 */

#ifdef HAVE_WOLFSSL
// Workaround for MDEV-19582
// (WolfSSL accesses memory out of bounds)
# define WOLFSSL_PAD_SIZE MY_AES_BLOCK_SIZE
#else
# define WOLFSSL_PAD_SIZE 0
#endif

/* Whether to disable file system cache */
char srv_disable_sort_file_cache;

@@ -4627,7 +4619,7 @@ row_merge_build_indexes(

if (log_tmp_is_encrypted()) {
crypt_block = static_cast<row_merge_block_t*>(
alloc.allocate_large(block_size + WOLFSSL_PAD_SIZE,
alloc.allocate_large(block_size,
&crypt_pfx));

if (crypt_block == NULL) {
@@ -4999,7 +4991,7 @@ row_merge_build_indexes(

if (crypt_block) {
alloc.deallocate_large(crypt_block, &crypt_pfx,
block_size + WOLFSSL_PAD_SIZE);
block_size);
}

DICT_TF2_FLAG_UNSET(new_table, DICT_TF2_FTS_ADD_DOC_ID);

0 comments on commit f61a980

Please sign in to comment.
You can’t perform that action at this time.