MDEV-31543: ASAN heap-buffer-overflow in strncpy when fetching keys

using JSON_OBJECT_FILTER_KEYS function Analysis: Insufficient buffer size while copying the data. Fix: Change buffer size to accomodate all data.
2025-07-29 05:21:33 +03:00 · 2024-04-25 01:32:58 +05:30
parent a21e49cbcc
commit 2455f1a93d
3 changed files with 21 additions and 1 deletions
--- a/mysql-test/main/func_json.result
+++ b/mysql-test/main/func_json.result
@ -5197,5 +5197,15 @@ JSON_ARRAY_INTERSECT(c1, c2)
 [4]
 DROP TABLE t1;
 #
+# MDEV-31543: ASAN heap-buffer-overflow in strncpy when fetching keys using JSON_OBJECT_FILTER_KEYS function
+#
+SET @arr1='[1,2,"c"]';
+SET character_set_database=ucs2;
+SET CHARACTER SET utf8;
+SET @obj1='{ "a": 1,"b": 2,"c": 3}';
+SELECT JSON_OBJECT_FILTER_KEYS (@obj1,@arr1);
+JSON_OBJECT_FILTER_KEYS (@obj1,@arr1)
+NULL
+#
 # End of 11.2 Test
 #