On 3/14/11 12:21 PM, Dmitry Shulga wrote:
> #At file:///Users/shulga/projects/mysql/mysql-5.5/ based on
> revid:marc.alff@stripped
>
> 3362 Dmitry Shulga 2011-03-14 [merge]
> Manual merge from mysql-5.1 for Bug#11764168 (56976: Severe denial
> of service in prepared statements).
> @ sql/sql_prepare.cc
> At mysql_stmt_get_longdata(): instead of pushing an internal
> error handler (as done in 5.1-tree) we save, set and restore
> the statement's diagnostics area and warning info.
>
OK to push. One minor detail below.
> === modified file 'sql/sql_prepare.cc'
> --- a/sql/sql_prepare.cc 2011-03-01 14:42:37 +0000
> +++ b/sql/sql_prepare.cc 2011-03-14 15:19:44 +0000
> @@ -2784,6 +2784,7 @@ void mysql_sql_stmt_close(THD *thd)
> }
> }
>
> +
> /**
> Handle long data in pieces from client.
>
> @@ -2840,17 +2841,25 @@ void mysql_stmt_get_longdata(THD *thd, c
>
> param= stmt->param_array[param_number];
>
> + Diagnostics_area new_stmt_da, *save_stmt_da= thd->stmt_da;
> + Warning_info new_warnning_info(thd->query_id), *save_warinig_info=
> thd->warning_info;
warnning -> warning
warinig -> warning
Regards,
Davi
