#At file:///home/svoj/mysql/server/mysql-5.5-bugteam-bug58205/ based on revid:georgi.kodinov@stripped
3151 Sergey Vojtovich 2010-12-01
BUG#58205 - Valgrind failure in fn_format when called from
archive_discover
Fixed buffer underrun in cleanup_dirname().
Also fixed that original (unencoded) database and table
names were used to discover archive tables.
@ mysql-test/r/archive.result
A test case for BUG#58205.
@ mysql-test/t/archive.test
A test case for BUG#58205.
@ mysys/mf_pack.c
Fixed buffer underrun in cleanup_dirname(), when
it gets path like "a/../" (relative path, where
first directory is to be cut off).
@ storage/archive/ha_archive.cc
Handler discover method gets database and table
names as is. It must use build_table_filename()
to get name similar to what it gets on create()
and open().
modified:
mysql-test/r/archive.result
mysql-test/t/archive.test
mysys/mf_pack.c
storage/archive/ha_archive.cc
=== modified file 'mysql-test/r/archive.result'
--- a/mysql-test/r/archive.result 2010-07-26 15:54:20 +0000
+++ b/mysql-test/r/archive.result 2010-12-01 12:56:46 +0000
@@ -12801,3 +12801,9 @@ t1 CREATE TABLE `t1` (
`a` int(11) DEFAULT NULL
) ENGINE=ARCHIVE DEFAULT CHARSET=latin1
DROP TABLE t1;
+#
+# BUG#58205 - Valgrind failure in fn_format when called from
+# archive_discover
+#
+CREATE TABLE `a/../`(a INT) ENGINE=ARCHIVE;
+DROP TABLE `a/../`;
=== modified file 'mysql-test/t/archive.test'
--- a/mysql-test/t/archive.test 2010-07-26 15:54:20 +0000
+++ b/mysql-test/t/archive.test 2010-12-01 12:56:46 +0000
@@ -1722,3 +1722,11 @@ INSERT INTO t1 VALUES (2);
SELECT * FROM t1 ORDER BY a;
SHOW CREATE TABLE t1;
DROP TABLE t1;
+
+--echo #
+--echo # BUG#58205 - Valgrind failure in fn_format when called from
+--echo # archive_discover
+--echo #
+CREATE TABLE `a/../`(a INT) ENGINE=ARCHIVE;
+remove_file $MYSQLD_DATADIR/test/a@002f@002e@002e@stripped;
+DROP TABLE `a/../`;
=== modified file 'mysys/mf_pack.c'
--- a/mysys/mf_pack.c 2010-07-15 13:47:50 +0000
+++ b/mysys/mf_pack.c 2010-12-01 12:56:46 +0000
@@ -192,7 +192,8 @@ size_t cleanup_dirname(register char *to
end_parentdir=pos;
while (pos >= start && *pos != FN_LIBCHAR) /* remove prev dir */
pos--;
- if (pos[1] == FN_HOMELIB || memcmp(pos,parent,length) == 0)
+ if (pos[1] == FN_HOMELIB ||
+ (pos > start && memcmp(pos, parent, length) == 0))
{ /* Don't remove ~user/ */
pos=strmov(end_parentdir+1,parent);
*pos=FN_LIBCHAR;
=== modified file 'storage/archive/ha_archive.cc'
--- a/storage/archive/ha_archive.cc 2010-10-06 14:34:28 +0000
+++ b/storage/archive/ha_archive.cc 2010-12-01 12:56:46 +0000
@@ -20,6 +20,7 @@
#include "sql_priv.h"
#include "probes_mysql.h"
#include "sql_class.h" // SSV
+#include "sql_table.h"
#include <myisam.h>
#include "ha_archive.h"
@@ -256,7 +257,7 @@ int archive_discover(handlerton *hton, T
char *frm_ptr;
MY_STAT file_stat;
- fn_format(az_file, name, db, ARZ, MY_REPLACE_EXT | MY_UNPACK_FILENAME);
+ build_table_filename(az_file, sizeof(az_file) - 1, db, name, ARZ, 0);
if (!(my_stat(az_file, &file_stat, MYF(0))))
goto err;
Attachment: [text/bzr-bundle] bzr/sergey.vojtovich@oracle.com-20101201125646-ixj9g9x4ll6ilasb.bundle
