MDEV-26323 use-after-poison issue of MariaDB server

mysql-test/r/plugin.result

@@ -353,4 +353,13 @@ select * from mysql.plugin WHERE name='unexisting_plugin';
 name	dl
 UNINSTALL PLUGIN unexisting_plugin;
 ERROR 42000: PLUGIN unexisting_plugin does not exist
+#
+# MDEV-26323 use-after-poison issue of MariaDB server
+#
+INSTALL PLUGIN DEALLOCATE SONAME '';
+ERROR HY000: Can't open shared library '.so'
+INSTALL PLUGIN DEALLOCATE SONAME 'x';
+ERROR HY000: Can't open shared library 'x.so'
+INSTALL PLUGIN DEALLOCATE SONAME 'xx';
+ERROR HY000: Can't open shared library 'xx.so'
 # End of 10.2 tests

mysql-test/t/plugin.test

@@ -295,4 +295,21 @@ select * from mysql.plugin WHERE name='unexisting_plugin';
 --error ER_SP_DOES_NOT_EXIST
 UNINSTALL PLUGIN unexisting_plugin;
 
+--echo #
+--echo # MDEV-26323 use-after-poison issue of MariaDB server
+--echo #
+
+--replace_regex /library '.*[\\/].(dll|so)' [(].*[)]/library '.so'/
+--error ER_CANT_OPEN_LIBRARY
+INSTALL PLUGIN DEALLOCATE SONAME '';
+
+--replace_regex /library '.*[\\/]x.(dll|so)' [(].*[)]/library 'x.so'/
+--error ER_CANT_OPEN_LIBRARY
+INSTALL PLUGIN DEALLOCATE SONAME 'x';
+
+--replace_regex /library '.*[\\/]xx.(dll|so)' [(].*[)]/library 'xx.so'/
+--error ER_CANT_OPEN_LIBRARY
+INSTALL PLUGIN DEALLOCATE SONAME 'xx';
+
+
 --echo # End of 10.2 tests

sql/sql_plugin.cc

@@ -372,7 +372,8 @@ bool check_valid_path(const char *path, size_t len)
 static void fix_dl_name(MEM_ROOT *root, LEX_STRING *dl)
 {
   const size_t so_ext_len= sizeof(SO_EXT) - 1;
-  if (my_strcasecmp(&my_charset_latin1, dl->str + dl->length - so_ext_len,
+  if (dl->length < so_ext_len ||
+      my_strcasecmp(&my_charset_latin1, dl->str + dl->length - so_ext_len,
                     SO_EXT))
   {
     char *s= (char*)alloc_root(root, dl->length + so_ext_len + 1);