MDEV-39219: buffer overflow in PROXY protocol v1 header parsing

[uwezkhan]

This fixes a buffer overflow issue in the PROXY protocol v1 header parsing.

The loop that reads the header could fill the entire buffer and then add a null terminator past the boundary, which leads to an off-by-one overflow.

I updated the loop condition to make sure there is always space left for the null terminator.

Also added a small check to handle cases where the connection closes early, so we don’t process incomplete data.

This change does not affect normal behavior, it just makes the parsing safer.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

---

uwezkhan06 seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[gkodinov]

Thank you for your contribution! This is a preliminary review.

First of all: sign the CLA please: either pick BSD or MariaCLA.

Secondly: Please add a commit message to your commit that's compliant with MariaDB coding standards.

Thirdly: This is a bug. Find the lowest SUPPORTED version this is in and target that instead of main. I'd say 10.11.

And, last but not least: please add a test! There are regression tests for the proxy protocol. Extend these.

[uwezkhan]

Thanks for the review and guidance!

I’ve updated the patch to:

• use correct read semantics (pos += len)
• ensure safe buffer handling with full header support
• handle connection close safely during read

I’ve also added and registered a regression test for maximum header length in mysql_client_test.c.

Please let me know if anything else needs adjustment.

[vaintroub]

There is a (arguably incorrect) error message from GCC
/home/buildbot/tests/mysql_client_test.c:20764:3: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement]
20764 | const char *prefix = "PROXY TCP4 1.2.3.4 5.6.7.8 1234 5678";

eventhough we compile with C99, it still throughs this "ISO C90" warning, which turns to error in Linux debug compilation. Anyway, can you move that variable declaration at the start of the block, to fix the GCC.

[uwezkhan]

Thanks for pointing that out.

I’ve moved the variable declarations to the beginning of the function to comply with the C90-style requirement and avoid the GCC warning.

I’ve pushed the updated patch.

[gkodinov]

Thanks for working on this. I'll leave the finer points to the final reviewer.

Please:

• squash your commit into a single one
• rebase on 10.11
• Add a commit message to your commit that's compliant with the mariadb coding standards.