database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-08-07 00:04:31 +03:00
Code Activity

MDEV-28762: recursive call of some json functions without stack control

Browse Source 
Analysis: Some recursive json functions dont check for stack control
Fix: Add check_stack_overrun(). The last argument is NULL because it is not
used
This commit is contained in:
Rucha Deodhar
2022-06-21 19:10:11 +05:30
parent a5dc76a051
commit 5ad14ab272
3 changed files with 41 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
sql/item_jsonfunc.cc
View File

@@ -18,6 +18,7 @@
#include "sql_priv.h"
#include "sql_class.h"
#include "item.h"
#include "sql_parse.h"
/*
@@ -4406,6 +4407,11 @@ int json_find_overlap_with_object(json_engine_t *js, json_engine_t *value,
*/
int check_overlaps(json_engine_t *js, json_engine_t *value, bool compare_whole)
{
DBUG_EXECUTE_IF("json_check_min_stack_requirement",
{alloca(my_thread_stack_size-(STACK_MIN_SIZE));});
if (check_stack_overrun(current_thd, STACK_MIN_SIZE, NULL))
return 0;
switch (js->value_type)
{
case JSON_VALUE_OBJECT: