Commit 7901304f authored by Nathan VanBenschoten's avatar Nathan VanBenschoten

sql: properly handle NULL hashedPassword column in system.users

Fixes #48769.

Before this change, attempts to log in as a user with a NULL value
in their "hashedPassword" column in the system.users table would
cause the server to crash. This was because `retrieveUserAndPassword`
was not properly handling NULL values.

This change fixes this.

Release note (bug fix): Manually writing a NULL value into the
system.users table for the "hashedPassword" column will no longer
cause a server crash during user authentication.
parent 25903a88
......@@ -267,4 +267,3 @@ I: [n1,client=XXX,local] 81 disconnected; duration: XXX
subtest end
subtest end
......@@ -93,3 +93,34 @@ DROP USER testuser; CREATE USER testuser
ok
subtest end user_has_both_cert_and_passwd
subtest user_has_null_hashed_password_column
# This test manually adds a user to the system.users table with a NULL (not
# empty) hashedPassword and attempts to log in as that user. This used to crash
# the server (and this test) because the authentication routine only properly
# handled empty hashedPassword values. See #48769.
sql
INSERT INTO system.users (username, "hashedPassword") VALUES ('nopassword', NULL)
----
ok
set_hba
host all nopassword 0.0.0.0/0 password
----
# Active authentication configuration on this node:
# Original configuration:
# host all root all cert-password # CockroachDB mandatory rule
# host all nopassword 0.0.0.0/0 password
#
# Interpreted configuration:
# TYPE DATABASE USER ADDRESS METHOD OPTIONS
host all root all cert-password
host all nopassword 0.0.0.0/0 password
connect user=nopassword
----
ERROR: password authentication failed for user nopassword
subtest end user_has_null_hashed_password_column
......@@ -119,7 +119,9 @@ func retrieveUserAndPassword(
}
if values != nil {
exists = true
hashedPassword = []byte(*(values[0].(*tree.DBytes)))
if v := values[0]; v != tree.DNull {
hashedPassword = []byte(*(v.(*tree.DBytes)))
}
}
if !exists {
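Review bot: The NULL branch introduced by `if v := values[0]; v != tree.DNull {` leaves `hashedPassword` unset without stating why that is the intended outcome, so a reader cannot tell whether a NULL hash is meant to behave like an empty one (no password configured, password authentication fails) or is an error state that should be reported. A comment above the new `if`, such as `// A NULL hashedPassword is treated like an empty one: the user has no usable password, so password authentication fails rather than crashing the server.`, would tie the code to the testdata case in this commit, which expects `password authentication failed` for such a user. The `*tree.DBytes` type assertion on the next line still panics if the column ever holds a non-NULL datum of another type; if the system.users schema guarantees a BYTES column that is acceptable, but it is worth saying so in the same comment since this is an authentication path where a panic is a denial of service. retrieveUserAndPassword begins before this hunk and continues after it.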