Hi Alexander,
still, there is one question...
On Tue, Feb 01, 2011 at 03:36:16PM -0000, Alexander Barkov wrote:
> #At file:///home/bar/mysql-bzr/mysql-5.5.b58036/ based on
> revid:ole.john.aske@stripped
>
> 3294 Alexander Barkov 2011-02-01
BUG#.... line is missing.
> Problem: ucs2 was correctly disallowed in "SET NAMES" only,
> while mysql_real_connect() and mysql_change_user() still allowed
> to use ucs2, which made server crash.
...skip...
> === modified file 'sql/sql_acl.cc'
> --- a/sql/sql_acl.cc 2011-01-14 15:48:11 +0000
> +++ b/sql/sql_acl.cc 2011-02-01 15:30:06 +0000
> @@ -7799,7 +7799,8 @@ public:
> Thd_charset_adapter(THD *thd_arg) : thd (thd_arg) {}
> bool init_client_charset(uint cs_number)
> {
> - thd_init_client_charset(thd, cs_number);
> + if (thd_init_client_charset(thd, cs_number))
> + return true;
> thd->update_charset();
> return thd->is_error();
> }
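Review bot: The new early `return true` in init_client_charset() leaves before thd->update_charset() runs and before thd->is_error() is consulted, so the caller only gets a meaningful error if thd_init_client_charset() has already raised one itself when it returns non-zero. That contract is not visible in this hunk. A one-line comment above the `if` stating it, or an assertion that thd->is_error() holds on that path, would make the early return safe to rely on.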
> @@ -8236,6 +8237,18 @@ static bool parse_com_change_user_packet
> uint dummy_errors;
>
> DBUG_ENTER ("parse_com_change_user_packet");
> +
> + /*
> + The caller expects that this function allocates user_name using
> + my_strndup() and calls my_free(user_name) later in some cases.
> +
> + Let's set user_name to NULL here, to avoid my_free() on uninitialized
> + memory for those cases when we return from here *before* user_name is
> + actually allocated. This happens on errors: packet error, bad charset.
> + */
> + mpvio->auth_info.user_name= NULL;
> + mpvio->auth_info.user_name_length= 0;
> +
> if (passwd >= end)
> {
> my_message(ER_UNKNOWN_COM_ERROR, ER(ER_UNKNOWN_COM_ERROR), MYF(0));
>
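Review bot: The unconditional `mpvio->auth_info.user_name= NULL;` at the top of parse_com_change_user_packet() is safe only if user_name never holds a live allocation on entry. If it can, this assignment drops the pointer before anyone frees it. The added comment says the caller calls my_free(user_name) "in some cases" but does not say which ones. Either state the ownership rule here (who allocates, who frees, and on which return paths), or move the reset into the caller that owns the my_free() so the free and the initialisation sit together.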
When does the caller set auth_info.user_name to not NULL and when does the
caller free it?
Regards,
Sergey
--
Sergey Vojtovich <svoj@stripped>
MySQL AB, Software Engineer
Izhevsk, Russia, www.mysql.com