From f15f5048d051ef2490506b39396d7b50fe8b5b9d Mon Sep 17 00:00:00 2001
From: jmestwa-coder <jmestwa@gmail.com>
Date: Thu, 2 Apr 2026 22:45:12 +0530
Subject: [PATCH] sql_acl: assert passwd stays within packet bounds

Replace runtime check with DBUG_ASSERT to document the invariant
that passwd remains within the packet buffer, as guaranteed by
higher-level code.
---
 sql/sql_acl.cc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 8b3dee29748ad..8efe64a73f62c 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -14495,6 +14495,7 @@ static ulong parse_client_handshake_packet(MPVIO_EXT *mpvio,
   }
   else if (!(thd->client_capabilities & CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA))
   {
+    DBUG_ASSERT(passwd < (char*) net->read_pos + pkt_len);
     passwd_len= (uchar)(*passwd++);
     db= thd->client_capabilities & CLIENT_CONNECT_WITH_DB ?
       passwd + passwd_len : 0;