diff options
| author | Ivo Roylev <ivo.roylev@oracle.com> | 2017-05-22 15:52:00 +0300 |
|---|---|---|
| committer | Ivo Roylev <ivo.roylev@oracle.com> | 2017-05-22 15:52:00 +0300 |
| commit | 20addb05e58fdf822896f490fcaaf2ec5ed4bcb5 (patch) | |
| tree | 1ca97a3c3f8de4ec8d7d2c1775e76a07348e7d48 /client | |
| parent | 3b562dcf6e5423d41d41ef416c18187c3a946d9e (diff) | |
| download | mariadb-git-20addb05e58fdf822896f490fcaaf2ec5ed4bcb5.tar.gz | |
Bug# 25998635: Client does not escape the USE statement
When there are quotes in the USE statement, the mysql client does
not correctly escape them.
The USE statement is processed line by line from the client's parser,
and cannot handle multi-line commands as the server.
The fix is to escape the USE parameters whenever quotes are used.
Diffstat (limited to 'client')
| -rw-r--r-- | client/mysql.cc | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/client/mysql.cc b/client/mysql.cc index 6e6dc4971ac..d09499c120a 100644 --- a/client/mysql.cc +++ b/client/mysql.cc @@ -3386,7 +3386,7 @@ print_table_data(MYSQL_RES *result) length=4; // Room for "NULL" if (opt_binhex && is_binary_field(field)) length= 2 + length * 2; - field->max_length=length; + field->max_length=(ulong) length; separator.fill(separator.length()+length+2,'-'); separator.append('+'); } @@ -3453,7 +3453,7 @@ print_table_data(MYSQL_RES *result) many extra padding-characters we should send with the printing function. */ visible_length= charset_info->cset->numcells(charset_info, buffer, buffer + data_length); - extra_padding= data_length - visible_length; + extra_padding= (uint) (data_length - visible_length); if (opt_binhex && is_binary_field(field)) print_as_hex(PAGER, cur[off], lengths[off], field_max_length); @@ -4232,10 +4232,9 @@ com_use(String *buffer __attribute__((unused)), char *line) bzero(buff, sizeof(buff)); /* - In case number of quotes exceed 2, we try to get - the normalized db name. + In case of quotes used, try to get the normalized db name. */ - if (get_quote_count(line) > 2) + if (get_quote_count(line) > 0) { if (normalize_dbname(line, buff, sizeof(buff))) return put_error(&mysql); @@ -4453,11 +4452,13 @@ char *get_arg(char *line, my_bool get_next_arg) static int get_quote_count(const char *line) { - int quote_count; - const char *ptr= line; + int quote_count= 0; + const char *quote= line; - for(quote_count= 0; ptr ++ && *ptr; ptr= strpbrk(ptr, "\"\'`")) - quote_count ++; + while ((quote= strpbrk(quote, "'`\"")) != NULL) { + quote_count++; + quote++; + } return quote_count; } |