database/mariadb-columnstore-engine
1
0
Fork 0
mirror of https://github.com/mariadb-corporation/mariadb-columnstore-engine.git synced 2025-07-30 19:23:07 +03:00
Code Activity

MCOL-433 Fix cross engine buffer underrun

Browse Source 
If there is only one packet in the buffer it is possible that the read
doesn't contain the whole packet, the resulting in the buffer pointer
going less than 0 and bad things happening.
This commit is contained in:
Andrew Hutchings
2016-12-03 09:46:03 +00:00
parent ef3fe34af1
commit b3a227099f
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
utils/mysqlcl_idb/state.cc
View File

@ -73,6 +73,12 @@ drizzle_return_t drizzle_state_packet_read(drizzle_con_st *con)
con->packet_size= drizzle_get_byte3(con->buffer_ptr);
if (con->buffer_size < con->packet_size + 4)
{
drizzle_state_push(con, drizzle_state_read);
return DRIZZLE_RETURN_OK;
}
if (con->packet_number != con->buffer_ptr[3])
{
drizzle_set_error(con->drizzle, "drizzle_state_packet_read",