database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-08-08 11:22:35 +03:00
Code Activity

Fix for

Browse Source 
bug #27715: mysqld --character-sets-dir buffer overflow
bug ##26851: Mysql Client --pager Buffer Overflow

Using strmov() to copy an argument may cause overflow 
if the argument's length is bigger than the buffer:
use strmake instead.
Also, we have to encrease the error message buffer size to fit 
the longest message.
This commit is contained in:
ramil/ram@mysql.com/ramil.myoffice.izhnet.ru
2007-04-16 12:28:02 +05:00
parent 9abaacca9c
commit e62dbcf746
4 changed files with 16 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
client/mysql.cc
View File

@@ -808,7 +808,7 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)),
break;
#endif
case OPT_CHARSETS_DIR:
strmov(mysql_charsets_dir, argument);
strmake(mysql_charsets_dir, argument, sizeof(mysql_charsets_dir) - 1);
charsets_dir = mysql_charsets_dir;
break;
case OPT_DEFAULT_CHARSET:
@@ -861,7 +861,7 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)),
if (argument && strlen(argument))
{
default_pager_set= 1;
strmov(pager, argument);
strmake(pager, argument, sizeof(pager) - 1);
strmov(default_pager, pager);
}
else if (default_pager_set)