Bug#31752: check strmake() bounds

strmake() called with wrong parameters: 5.0-specific fixes. client/mysql.cc: In debug-mode, strmake() fills unused part of buffer with a test-pattern. This overwrites our previous extra '\0' (from previous bzero()). sql/sp.cc: off-by-one buffer-size.
2025-08-08 11:22:35 +03:00 · 2007-11-26 09:13:23 +01:00
parent fe280afa26
commit 1c72446ef6
2 changed files with 5 additions and 2 deletions
--- a/client/mysql.cc
+++ b/client/mysql.cc
@@ -2987,7 +2987,10 @@ com_connect(String *buffer, char *line)
      Two null bytes are needed in the end of buff to allow
      get_arg to find end of string the second time it's called.
    */
-    strmake(buff, line, sizeof(buff)-2);
+    tmp= strmake(buff, line, sizeof(buff)-2);
+#ifdef EXTRA_DEBUG
+    tmp[1]= 0;
+#endif
    tmp= get_arg(buff, 0);
    if (tmp && *tmp)
    {