From 67b5eaa3fb4ebdae498b7b8a2ed9c3a5142abcca Mon Sep 17 00:00:00 2001
From: Axel Svensson
Date: Fri, 2 May 2025 12:46:51 +0200
Subject: [PATCH] [RONDB-892] File system password length check - Check that password is not too long, as that would lead to memory corruption.
---
 storage/ndb/src/kernel/ndbd.cpp | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/storage/ndb/src/kernel/ndbd.cpp b/storage/ndb/src/kernel/ndbd.cpp
index d5e2acea17d3..3b197495c212 100644
--- a/storage/ndb/src/kernel/ndbd.cpp
+++ b/storage/ndb/src/kernel/ndbd.cpp
@@ -1149,6 +1149,12 @@ void ndbd_run(bool foreground, int report_fd, const char *connect_str,
 "empty password not allowed");
 ndbd_exit(-1);
 }
+ if (pwd_size > MAX_BACKUP_ENCRYPTION_PASSWORD_LENGTH) {
+ g_eventLogger->info(
+ "Invalid filesystem password, "
+ "too long");
+ ndbd_exit(-1);
+ }
 memcpy(globalData.filesystemPassword, pwd, pwd_size);
 globalData.filesystemPassword[pwd_size] = '\0';
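Review bot: The added bound `if (pwd_size > MAX_BACKUP_ENCRYPTION_PASSWORD_LENGTH)` still accepts `pwd_size == MAX_BACKUP_ENCRYPTION_PASSWORD_LENGTH`, and the terminator write `globalData.filesystemPassword[pwd_size] = '\0'` just below then needs the destination to hold one byte more than that constant. The declaration of `filesystemPassword` is not visible in this hunk, so the check is only sufficient if the field is sized at least `MAX_BACKUP_ENCRYPTION_PASSWORD_LENGTH + 1`. Tying the limit to the destination would make that hold by construction, assuming the field is an array and not a pointer: either `if (pwd_size >= sizeof(globalData.filesystemPassword)) {`, or keep the check and add `static_assert(sizeof(globalData.filesystemPassword) > MAX_BACKUP_ENCRYPTION_PASSWORD_LENGTH, "no room for NUL");`. The enclosing block of `ndbd_run` starts and ends outside the hunk.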