diff options
| author | Sergei Golubchik <sergii@pisem.net> | 2014-07-08 19:38:26 +0200 |
|---|---|---|
| committer | Sergei Golubchik <sergii@pisem.net> | 2014-07-08 19:38:26 +0200 |
| commit | ca2ba2291af7e93893febed414e2ae98a5abd543 (patch) | |
| tree | a081b1b1e70dff70cf5855c841f03e8637b46d5e | |
| parent | 65f85264a4c5319ee161545f60de99468b2382e5 (diff) | |
| download | mariadb-git-ca2ba2291af7e93893febed414e2ae98a5abd543.tar.gz | |
MDEV-6224 Incorrect information in file when *.frm is > 256K
Reject huge frms at CREATE TABLE, not when it - successfully written - is being opened.
Also raise the frm size limit from 256K to 512K
| -rw-r--r-- | mysql-test/r/huge_frm-6224.result | 1 | ||||
| -rw-r--r-- | mysql-test/t/huge_frm-6224.test | 20 | ||||
| -rw-r--r-- | sql/share/errmsg-utf8.txt | 2 | ||||
| -rw-r--r-- | sql/unireg.cc | 6 | ||||
| -rw-r--r-- | sql/unireg.h | 2 |
5 files changed, 30 insertions, 1 deletions
diff --git a/mysql-test/r/huge_frm-6224.result b/mysql-test/r/huge_frm-6224.result new file mode 100644 index 00000000000..3772317c04d --- /dev/null +++ b/mysql-test/r/huge_frm-6224.result @@ -0,0 +1 @@ +ERROR HY000: The definition for table `t1` is too big diff --git a/mysql-test/t/huge_frm-6224.test b/mysql-test/t/huge_frm-6224.test new file mode 100644 index 00000000000..418722a7b51 --- /dev/null +++ b/mysql-test/t/huge_frm-6224.test @@ -0,0 +1,20 @@ +# +# MDEV-6224 Incorrect information in file when *.frm is > 256K +# +# verify that huge frms are rejected during creation, not on opening +# +--source include/have_partition.inc + +let $n=5646; +let $a=create table t1 (a int) engine=myisam partition by hash(a) partitions $n (; +dec $n; +while ($n) +{ + let $a=$a partition p01234567890123456789012345678901234567890123456789012345678$n,; + dec $n; +} + +--disable_query_log +--error ER_TABLE_DEFINITION_TOO_BIG +eval $a partition foo); + diff --git a/sql/share/errmsg-utf8.txt b/sql/share/errmsg-utf8.txt index 259c0c5e1ed..76cf33c231f 100644 --- a/sql/share/errmsg-utf8.txt +++ b/sql/share/errmsg-utf8.txt @@ -7109,3 +7109,5 @@ ER_IT_IS_A_VIEW 42S02 eng "'%-.192s' is a view" ER_SLAVE_SKIP_NOT_IN_GTID eng "When using GTID, @@sql_slave_skip_counter can not be used. Instead, setting @@gtid_slave_pos explicitly can be used to skip to after a given GTID position." +ER_TABLE_DEFINITION_TOO_BIG + eng "The definition for table %`s is too big" diff --git a/sql/unireg.cc b/sql/unireg.cc index b7ac8b17c38..c60a13e5f44 100644 --- a/sql/unireg.cc +++ b/sql/unireg.cc @@ -211,6 +211,12 @@ LEX_CUSTRING build_frm_image(THD *thd, const char *table, filepos= frm.length; frm.length+= FRM_FORMINFO_SIZE; // forminfo frm.length+= packed_fields_length(create_fields); + + if (frm.length > FRM_MAX_SIZE) + { + my_error(ER_TABLE_DEFINITION_TOO_BIG, MYF(0), table); + DBUG_RETURN(frm); + } frm_ptr= (uchar*) my_malloc(frm.length, MYF(MY_WME | MY_ZEROFILL | MY_THREAD_SPECIFIC)); diff --git a/sql/unireg.h b/sql/unireg.h index 9b40b7b0779..5f133da674f 100644 --- a/sql/unireg.h +++ b/sql/unireg.h @@ -203,7 +203,7 @@ LEX_CUSTRING build_frm_image(THD *thd, const char *table, #define FRM_HEADER_SIZE 64 #define FRM_FORMINFO_SIZE 288 -#define FRM_MAX_SIZE (256*1024) +#define FRM_MAX_SIZE (512*1024) static inline bool is_binary_frm_header(uchar *head) { |