sql_table.cc key length limit check disabled for FULLTEXT

ft_parser.c Nasty buffer overflow fixed
author: serg@serg.mysql.com <> 2000-10-04 17:26:31 +0200
committer: serg@serg.mysql.com <> 2000-10-04 17:26:31 +0200
commit: 054d7c9abfc965f9fd8dbc45fc424d46b74c9ff9 (patch)
tree: 574fc49e8c4a7ada06a34ac72e3caf48940377e8
parent: 67dd1d11323d5bc1eccb12be0a2d79461913f982 (diff)
download: mariadb-git-054d7c9abfc965f9fd8dbc45fc424d46b74c9ff9.tar.gz
2 files changed, 18 insertions, 17 deletions
diff --git a/myisam/ft_parser.c b/myisam/ft_parser.c
index 5f5159a57dd..838901bf049 100644
--- a/myisam/ft_parser.c
+++ b/myisam/ft_parser.c
@@ -1,15 +1,15 @@
 /* Copyright (C) 2000 MySQL AB & MySQL Finland AB & TCX DataKonsult AB
-   
+
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.
-   
+
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-   
+
    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */
@@ -141,6 +141,7 @@ TREE * ft_parse(TREE *wtree, byte *doc, int doclen)
     for (w.pos=doc; doc<end; doc++)
       if (!word_char(*doc)) break;
     if ((w.len= (uint) (doc-w.pos)) < MIN_WORD_LEN) continue;
+    if (w.len >= HA_FT_MAXLEN) continue;
     if (!tree_insert(wtree, &w, 0))
     {
       delete_tree(wtree);
diff --git a/sql/sql_table.cc b/sql/sql_table.cc
index 3cb40d7d9ed..73a06c1a1be 100644
--- a/sql/sql_table.cc
+++ b/sql/sql_table.cc
@@ -469,7 +469,7 @@ int mysql_create_table(THD *thd,const char *db, const char *table_name,
       }
     }
     key_info->key_length=(uint16) key_length;
-    if (key_length > file->max_key_length())
+    if (key_length > file->max_key_length() && key->type != Key::FULLTEXT)
     {
       my_error(ER_TOO_LONG_KEY,MYF(0),file->max_key_length());
       DBUG_RETURN(-1);
@@ -725,9 +725,9 @@ bool close_cached_table(THD *thd,TABLE *table)
 
 static int send_check_errmsg(THD* thd, TABLE_LIST* table,
 			     const char* operator_name, const char* errmsg)
-			     
+
 {
-  
+
   String* packet = &thd->packet;
   packet->length(0);
   net_store_data(packet, table->name);
@@ -744,7 +744,7 @@ static int send_check_errmsg(THD* thd, TABLE_LIST* table,
 static int prepare_for_restore(THD* thd, TABLE_LIST* table)
 {
   String *packet = &thd->packet;
-  
+
   if(table->table) // do not overwrite existing tables on restore
     {
       return send_check_errmsg(thd, table, "restore",
@@ -757,10 +757,10 @@ static int prepare_for_restore(THD* thd, TABLE_LIST* table)
       char src_path[FN_REFLEN], dst_path[FN_REFLEN];
       char* table_name = table->name;
       char* db = thd->db ? thd->db : table->db;
-	
+
       if(!fn_format(src_path, table_name, backup_dir, reg_ext, 4 + 64))
 	return -1; // protect buffer overflow
-	    
+
       sprintf(dst_path, "%s/%s/%s", mysql_real_data_home, db, table_name);
 
       int lock_retcode;
@@ -770,14 +770,14 @@ static int prepare_for_restore(THD* thd, TABLE_LIST* table)
 	  pthread_mutex_unlock(&LOCK_open);
 	  return -1;
 	}
-      
+
       if(lock_retcode && wait_for_locked_table_names(thd, table))
 	{
           pthread_mutex_unlock(&LOCK_open);
 	  return -1;
 	}
       pthread_mutex_unlock(&LOCK_open);
-      
+
       if(my_copy(src_path,
 		 fn_format(dst_path, dst_path,"",
 			   reg_ext, 4),
@@ -790,25 +790,25 @@ static int prepare_for_restore(THD* thd, TABLE_LIST* table)
       thd->net.no_send_ok = 1;
       // generate table will try to send OK which messes up the output
       // for the client
-      
+
       if(generate_table(thd, table, 0))
 	{
 	  thd->net.no_send_ok = save_no_send_ok;
            return send_check_errmsg(thd, table, "restore",
 				    "Failed generating table from .frm file");
 	}
-      
+
       thd->net.no_send_ok = save_no_send_ok;
     }
-	
-  return 0;	
+
+  return 0;
 }
 
 static int mysql_admin_table(THD* thd, TABLE_LIST* tables,
 			     HA_CHECK_OPT* check_opt,
 			     thr_lock_type lock_type,
 			     bool open_for_modify,
-			     const char *operator_name, 
+			     const char *operator_name,
 			     int (handler::*operator_func)
 			     (THD *, HA_CHECK_OPT *))
 {
@@ -849,7 +849,7 @@ static int mysql_admin_table(THD* thd, TABLE_LIST* tables,
       // to finish the restore in the handler later on
       table->table = reopen_name_locked_table(thd, table);
     }
-    
+
     if (!table->table)
     {
       const char *err_msg;
author	serg@serg.mysql.com <>	2000-10-04 17:26:31 +0200
committer	serg@serg.mysql.com <>	2000-10-04 17:26:31 +0200
commit	054d7c9abfc965f9fd8dbc45fc424d46b74c9ff9 (patch)
tree	574fc49e8c4a7ada06a34ac72e3caf48940377e8
parent	67dd1d11323d5bc1eccb12be0a2d79461913f982 (diff)
download	mariadb-git-054d7c9abfc965f9fd8dbc45fc424d46b74c9ff9.tar.gz