From dc1e9bfb562969845b0e39585d9224d33a6fb108 Mon Sep 17 00:00:00 2001
From: "Tatiana A. Nurnberg" <azundris@mysql.com>
Date: Thu, 19 Mar 2009 18:42:43 +0100
Subject: [PATCH] Bug#43153: Version comment is too long

mysql-client used static buffer to concatenate server-
version and version_comment. Sufficiently long comments
could get cut off. This was harmless, but looked daft.

Now using a dynamic buffer instead.
---
 client/mysql.cc | 35 +++++++++++++++++++++++------------
 1 file changed, 23 insertions(+), 12 deletions(-)

diff --git a/client/mysql.cc b/client/mysql.cc
index 6f32cc768e4..3e96ed0603e 100644
--- a/client/mysql.cc
+++ b/client/mysql.cc
@@ -49,7 +49,7 @@ const char *VER= "14.14";
 #define MAX_COLUMN_LENGTH	     1024
 
 /* Buffer to hold 'version' and 'version_comment' */
-#define MAX_SERVER_VERSION_LENGTH     128
+static char *server_version= NULL;
 
 /* Array of options to pass to libemysqld */
 #define MAX_SERVER_ARGS               64
@@ -1236,6 +1236,7 @@ sig_handler mysql_end(int sig)
   glob_buffer.free();
   old_buffer.free();
   processed_prompt.free();
+  my_free(server_version,MYF(MY_ALLOW_ZERO_PTR));
   my_free(opt_password,MYF(MY_ALLOW_ZERO_PTR));
   my_free(opt_mysql_unix_port,MYF(MY_ALLOW_ZERO_PTR));
   my_free(histfile,MYF(MY_ALLOW_ZERO_PTR));
@@ -4365,16 +4366,11 @@ select_limit, max_join_size);
 static const char *
 server_version_string(MYSQL *con)
 {
-  static char buf[MAX_SERVER_VERSION_LENGTH] = "";
-
   /* Only one thread calls this, so no synchronization is needed */
-  if (buf[0] == '\0')
+  if (server_version == NULL)
   {
-    char *bufp = buf;
     MYSQL_RES *result;
 
-    bufp= strnmov(buf, mysql_get_server_info(con), sizeof buf);
-
     /* "limit 1" is protection against SQL_SELECT_LIMIT=0 */
     if (!mysql_query(con, "select @@version_comment limit 1") &&
         (result = mysql_use_result(con)))
@@ -4382,17 +4378,32 @@ server_version_string(MYSQL *con)
       MYSQL_ROW cur = mysql_fetch_row(result);
       if (cur && cur[0])
       {
-        bufp = strxnmov(bufp, sizeof buf - (bufp - buf), " ", cur[0], NullS);
+        /* version, space, comment, \0 */
+        size_t len= strlen(mysql_get_server_info(con)) + strlen(cur[0]) + 2;
+
+        if ((server_version= (char *) my_malloc(len, MYF(MY_WME))))
+        {
+          char *bufp;
+          bufp = strmov(server_version, mysql_get_server_info(con));
+          bufp = strmov(bufp, " ");
+          (void) strmov(bufp, cur[0]);
+        }
       }
       mysql_free_result(result);
     }
 
-    /* str*nmov doesn't guarantee NUL-termination */
-    if (bufp == buf + sizeof buf)
-      buf[sizeof buf - 1] = '\0';
+    /*
+      If for some reason we didn't get a version_comment, we'll
+      keep things simple.
+    */
+
+    if (server_version == NULL)
+    {
+      server_version= strdup(mysql_get_server_info(con));
+    }
   }
 
-  return buf;
+  return server_version ? server_version : "";
 }
 
 static int