Merge pull request #19474 from ClickHouse/aes-fix-strange-code

Fix insufficient args check in AES functions
2024-09-20 08:40:50 +00:00 · 2021-01-23 22:05:01 +03:00 · 2021-01-23 22:05:01 +03:00 · ab6343ff1f
commit ab6343ff1f
parent 9df296b55e ea26e5e784
7 changed files with 3 additions and 13 deletions
--- a/docker/test/fasttest/run.sh
+++ b/docker/test/fasttest/run.sh
@ -270,6 +270,7 @@ function run_tests
        01318_encrypt                           # Depends on OpenSSL
        01318_decrypt                           # Depends on OpenSSL
        01663_aes_msan                          # Depends on OpenSSL
+        01667_aes_args_check                    # Depends on OpenSSL
        01281_unsucceeded_insert_select_queries_counter
        01292_create_user
        01294_lazy_database_concurrent
--- a/src/Functions/FunctionsAES.h
+++ b/src/Functions/FunctionsAES.h
@ -168,7 +168,7 @@ private:
        validateFunctionArgumentTypes(*this, arguments,
            FunctionArgumentDescriptors{
                {"mode", isStringOrFixedString, isColumnConst, "encryption mode string"},
-                {"input", nullptr, nullptr, "plaintext"},
+                {"input", isStringOrFixedString, nullptr, "plaintext"},
                {"key", isStringOrFixedString, nullptr, "encryption key binary string"},
            },
            optional_args
--- a/tests/performance/encrypt_decrypt.xml
+++ b/tests/performance/encrypt_decrypt.xml
@ -61,7 +61,6 @@
        <substitution>
           <name>plaintext</name>
           <values>
-              <value>number</value>
              <value>'paintext'</value>
              <value>'\x12\x2B\xF9\x16\x93\xA4\xD6\x74\x22\xD9\x17\x5E\x38\xCD\x1D\x7B\xB0\x12\xEC\x43\x6B\xC7\x76\xFD\xA1\xA2\x4E\xFC\xBC\x19\x92\x3A\x12\x8B\xD4\xB3\x62\xA8\x9D\xBB\x3E\x0C\x08\x12\x67\x20\x7D\x02\x58\xCF\xE7\xD6\x06\xB8\xB0\x14\x0A\x70\xA1\x81\x94\x14\x24\x74'</value>
           </values>
--- a/tests/queries/0_stateless/01318_encrypt.reference
+++ b/tests/queries/0_stateless/01318_encrypt.reference
@ -1,6 +1,3 @@
-UInt64	5417DEA8D67A1A03FD561809C62402FF
-Float64	9B66D0AA685DC0F1EFFA2E385F7EA2F2
-Decimal64	5417DEA8D67A1A03FD561809C62402FF
 MySQL-compatitable mode, with key folding, no length checks, etc.
 aes-128-cbc	B2EB028BC2236566A946085E65A5632B
 aes-128-cbc	25026C55954363AEF90325822218C370
--- a/tests/queries/0_stateless/01318_encrypt.sql
+++ b/tests/queries/0_stateless/01318_encrypt.sql
@ -48,14 +48,6 @@ SELECT aes_encrypt_mysql('aes-128-ecb', 'text', 'key', 'IV', 1213); --{serverErr
 SELECT encrypt('aes-128-ecb', 'text', 'key', 'IV', 1213); --{serverError 43} bad AAD type
 SELECT encrypt('aes-128-gcm', 'text', 'key', 'IV', 1213); --{serverError 43} bad AAD type

-----------------------------------------------------------------------------------------
-- Valid cases
-----------------------------------------------------------------------------------------
-
-SELECT 'UInt64', hex(aes_encrypt_mysql('aes-128-ecb', 123456789101112, 'keykeykeykeykeykeykeykeykeykeyke'));
-SELECT 'Float64', hex(aes_encrypt_mysql('aes-128-ecb', 1234567891011.12, 'keykeykeykeykeykeykeykeykeykeyke'));
-SELECT 'Decimal64', hex(aes_encrypt_mysql('aes-128-ecb', toDecimal64(1234567891011.12, 2), 'keykeykeykeykeykeykeykeykeykeyke'));
-
 -----------------------------------------------------------------------------------------
 -- Validate against predefined ciphertext,plaintext,key and IV for MySQL compatibility mode
 -----------------------------------------------------------------------------------------
--- a/tests/queries/0_stateless/01667_aes_args_check.reference
+++ b/tests/queries/0_stateless/01667_aes_args_check.reference
--- a/tests/queries/0_stateless/01667_aes_args_check.sql
+++ b/tests/queries/0_stateless/01667_aes_args_check.sql
@ -0,0 +1 @@
+SELECT encrypt('aes-128-ecb', [1, -1, 0, NULL], 'text'); -- { serverError 43 }
				`@ -0,0 +1 @@`
				`SELECT encrypt('aes-128-ecb', [1, -1, 0, NULL], 'text'); -- { serverError 43 }`