Bug#31752: check strmake() bounds

strmake() called with wrong parameters: 5.0-specific fixes. client/mysql.cc: In debug-mode, strmake() fills unused part of buffer with a test-pattern. This overwrites our previous extra '\0' (from previous bzero()). sql/sp.cc: off-by-one buffer-size.
author: unknown <tnurnberg@mysql.com/white.intern.koehntopp.de> 2007-11-26 09:13:23 +0100
committer: unknown <tnurnberg@mysql.com/white.intern.koehntopp.de> 2007-11-26 09:13:23 +0100
commit: 1c72446ef69cf6c50cf9b2dae69b2b24a7576103 (patch)
tree: af61eb4308a4957b098cc00e4e557672f7f68cfa /client
parent: fe280afa26ba21f6c1ba3edc83e930eff96704d0 (diff)
download: mariadb-git-1c72446ef69cf6c50cf9b2dae69b2b24a7576103.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/client/mysql.cc b/client/mysql.cc
index 8e1b6c2a9b4..ff2c1d228cd 100644
--- a/client/mysql.cc
+++ b/client/mysql.cc
@@ -2987,7 +2987,10 @@ com_connect(String *buffer, char *line)
       Two null bytes are needed in the end of buff to allow
       get_arg to find end of string the second time it's called.
     */
-    strmake(buff, line, sizeof(buff)-2);
+    tmp= strmake(buff, line, sizeof(buff)-2);
+#ifdef EXTRA_DEBUG
+    tmp[1]= 0;
+#endif
     tmp= get_arg(buff, 0);
     if (tmp && *tmp)
     {
author	unknown <tnurnberg@mysql.com/white.intern.koehntopp.de>	2007-11-26 09:13:23 +0100
committer	unknown <tnurnberg@mysql.com/white.intern.koehntopp.de>	2007-11-26 09:13:23 +0100
commit	1c72446ef69cf6c50cf9b2dae69b2b24a7576103 (patch)
tree	af61eb4308a4957b098cc00e4e557672f7f68cfa /client
parent	fe280afa26ba21f6c1ba3edc83e930eff96704d0 (diff)
download	mariadb-git-1c72446ef69cf6c50cf9b2dae69b2b24a7576103.tar.gz