On 3/4/11 8:02 AM, Dmitry Shulga wrote:
> #Atfile:///Users/shulga/projects/mysql/5.1-bugteam-bug56976/ based
> 3537 Dmitry Shulga 2011-03-04
> Fixed Bug#11764168 "56976: SEVERE DENIAL OF SERVICE IN PREPARED STATEMENTS".
> The problem was that server didn't check resulting size of prepared
> statement argument which was set using mysql_send_long_data() API.
> By calling mysql_send_long_data() several times it was possible
> to create overly big string and thus force server to allocate
> memory for it. There was no way to limit this allocation.
OK to push.