Viewing all changes in revision 2502.1193.1.
- Committer: Georgi Kodinov
- Date: 2012-07-05 10:41:16 UTC
- mto: (2502.1137.215 mysql-5.1)
- mto: This revision was merged to the branch mainline in revision 3164.
- Revision ID: georgi.kodinov@oracle.com-20120705104116-xgx0v1pla6c99cxq
Bug #13889741: HANDLE_FATAL_SIGNAL IN _DB_ENTER_ |
HANDLE_FATAL_SIGNAL IN STRNLEN
Fixed the following bounds checking problems :
1. in check_if_legal_filename() make sure the null terminated
string is long enough before accessing the bytes in it.
Prevents pottential read-past-buffer-end
2. in my_wc_mb_filename() of the filename charset check
for the end of the destination buffer before sending single
byte characters into it.
Prevents write-past-end-of-buffer (and garbaling stack in
the cases reported here) errors.
Added test cases.
HANDLE_FATAL_SIGNAL IN STRNLEN
Fixed the following bounds checking problems :
1. in check_if_legal_filename() make sure the null terminated
string is long enough before accessing the bytes in it.
Prevents pottential read-past-buffer-end
2. in my_wc_mb_filename() of the filename charset check
for the end of the destination buffer before sending single
byte characters into it.
Prevents write-past-end-of-buffer (and garbaling stack in
the cases reported here) errors.
Added test cases.
- files modified:
- mysys/my_access.c
expand all
collapse all
added
removed
