List:Commits« Previous MessageNext Message »
From:msvensson Date:April 27 2006 8:44am
Subject:bk commit into 5.1 tree (msvensson:1.2369)
View as plain text  
Below is the list of changes that have just been committed into a local
5.1 repository of msvensson. When msvensson does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet
  1.2369 06/04/27 08:44:42 msvensson@neptunus.(none) +1 -0
  Merge bk-internal:/home/bk/mysql-5.1-new
  into  neptunus.(none):/home/msvensson/mysql/mysql-5.1

  sql/sql_parse.cc
    1.542 06/04/27 08:44:31 msvensson@neptunus.(none) +0 -0
    Auto merged

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	msvensson
# Host:	neptunus.(none)
# Root:	/home/msvensson/mysql/mysql-5.1/RESYNC

--- 1.541/sql/sql_parse.cc	2006-04-26 12:07:44 +02:00
+++ 1.542/sql/sql_parse.cc	2006-04-27 08:44:31 +02:00
@@ -1023,13 +1023,20 @@
     *passwd++ : strlen(passwd);
   db= thd->client_capabilities & CLIENT_CONNECT_WITH_DB ?
     db + passwd_len + 1 : 0;
+  uint db_len= db ? strlen(db) : 0;
+
+  if (passwd + passwd_len + db_len > (char *)net->read_pos + pkt_len)
+  {
+    inc_host_errors(&thd->remote.sin_addr);
+    return ER_HANDSHAKE_ERROR;
+  }
 
   /* Since 4.1 all database names are stored in utf8 */
   if (db)
   {
     db_buff[copy_and_convert(db_buff, sizeof(db_buff)-1,
                              system_charset_info,
-                             db, strlen(db),
+                             db, db_len,
                              thd->charset(), &dummy_errors)]= 0;
     db= db_buff;
   }
@@ -1615,7 +1622,17 @@
   {
     char *db, *tbl_name;
     uint db_len= *(uchar*) packet;
+    if (db_len >= packet_length || db_len > NAME_LEN)
+    {
+      my_message(ER_UNKNOWN_COM_ERROR, ER(ER_UNKNOWN_COM_ERROR), MYF(0));
+      break;
+    }
     uint tbl_len= *(uchar*) (packet + db_len + 1);
+    if (db_len+tbl_len+2 > packet_length || tbl_len > NAME_LEN)
+    {
+      my_message(ER_UNKNOWN_COM_ERROR, ER(ER_UNKNOWN_COM_ERROR), MYF(0));
+      break;
+    }
 
     statistic_increment(thd->status_var.com_other, &LOCK_status);
     thd->enable_slow_log= opt_log_slow_admin_statements;
Thread
bk commit into 5.1 tree (msvensson:1.2369)msvensson27 Apr