From: Satya Bodapati Date: December 12 2012 10:08am Subject: bzr push into mysql-5.6 branch (satya.bodapati:4759 to 4760) Bug#15913195 List-Archive: http://lists.mysql.com/commits/145498 X-Bug: 15913195 Message-Id: <20121212100823.13345.59089.4760@satya-ThinkPad-T420> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit 4760 Satya Bodapati 2012-12-12 Bug#15913195 - FIL_MAKE_IBBACKUP_OLD_NAME FUNCTION CAN CAUSE BUFFER OVERFLOW Fixed the buffer overflow by passing the right offset of the buffer to ut_sprintf_timestamp_without_extra_chars() No testcase because this is fixed and tested in meb branches(mysql-5.5-meb and mysql-5.6-meb). It is possible only to test in meb branches because of the UNIV_HOTBACKUP flag Approved by Marko. rb#1620 modified: storage/innobase/fil/fil0fil.cc 4759 Joerg Bruehe 2012-12-12 [merge] Automerge modified: mysql-test/mysql-test-run.pl === modified file 'storage/innobase/fil/fil0fil.cc' --- a/storage/innobase/fil/fil0fil.cc revid:joerg.bruehe@stripped +++ b/storage/innobase/fil/fil0fil.cc revid:satya.bodapati@stripped @@ -3897,7 +3897,8 @@ fil_make_ibbackup_old_name( memcpy(path, name, len); memcpy(path + len, suffix, (sizeof suffix) - 1); - ut_sprintf_timestamp_without_extra_chars(path + len + sizeof suffix); + ut_sprintf_timestamp_without_extra_chars( + path + len + ((sizeof suffix) - 1)); return(path); } #endif /* UNIV_HOTBACKUP */ No bundle (reason: useless for push emails).
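Review bot: In the fil_make_ibbackup_old_name hunk, the suffix length `(sizeof suffix) - 1` is now spelled out twice, once as the memcpy length and once in the new timestamp offset, and the defect being fixed was these two expressions disagreeing by one byte. With the old offset `path + len + sizeof suffix`, the byte at `path + len + (sizeof suffix) - 1` was never written by these lines and the timestamp ended one byte further into the buffer than the copy before it implied. Computing the suffix length once into a local and using it in both places would keep them from drifting apart again. Separately, ut_sprintf_timestamp_without_extra_chars() is passed only a pointer, so nothing in the visible lines bounds the write; the allocation of `path` is outside this hunk, and it is worth confirming that it covers `len`, the suffix, the timestamp and the terminating NUL. Since the commit message says no test case is included, a debug assertion on that size inside the UNIV_HOTBACKUP block would give the fix some coverage in this branch.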