mirror of https://github.com/MariaDB/server.git synced 2025-07-27 18:02:13 +03:00

MDEV-28315 Fix ASAN stack-buffer-overflow in String::copy_aligned

Since commit 36cdd5c3cd
there has been an ASAN stack-buffer-overflow error because we append a NULL
terminator beyond the end of the allocated memory.

Reviewed by: Monty and Nayuta Yanagisawa
Norio Akagi
2022-08-01 04:27:33 -07:00
committed by GitHub
parent 63478e72de
commit 84d26f98c7
4 changed files with 24 additions and 2 deletions


@ -18,3 +18,13 @@ LENGTH(CONCAT_WS(d, ' '))
1
1
DROP TABLE t1;
#
# MDEV-28315 ASAN stack-buffer-overflow in String::copy_aligned
#
CREATE TABLE t1 (a VARBINARY(128)) CHARACTER SET utf32;
INSERT INTO t1 VALUES ('South Carolina, Vermont, New Jersey, New Mexico, Wisconsin, Missouri, Delaware');
CREATE TABLE t2 (b SET('South Carolina', 'Vermont', 'Texas', 'New Mexico', 'Wisconsin', 'Missouri', 'Delaware', 'Wyoming', 'New Jersey', 'Maryland', 'Illinois', 'New York')) CHARACTER SET utf32;
INSERT INTO t2 SELECT * FROM t1;
ERROR 01000: Data truncated for column 'b' at row 1
DROP TABLE t1;
DROP TABLE t2;
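Review bot: The new MDEV-28315 case appears to catch the overflow only when the suite runs on an ASAN-instrumented build, because the recorded output for `INSERT INTO t2 SELECT * FROM t1` would presumably be the same `ERROR 01000` on a normal build with or without the fix. The section comment should say so, and should say why this input matters: the inserted value is 78 bytes, not a multiple of the 4-byte utf32 unit, which is presumably what routes it through `String::copy_aligned`. This file looks like recorded output, so the comment belongs in the matching .test source, which is not shown here: `# 78-byte value is not 4-byte aligned for utf32; the overflow is only reported on ASAN builds`. The expected error also assumes a strict sql_mode, so if the .test file does not set one explicitly, pinning it there would keep this result stable.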