author: Shishir Jaiswal <shishir.j.jaiswal@oracle.com> 2016-05-16 13:46:49 +0530
committer: Shishir Jaiswal <shishir.j.jaiswal@oracle.com> 2016-05-16 13:46:49 +0530
commit: cb2974156823977fd2c700c64ff0867183b3f744 (patch)
tree: f5703689109a6628955ca39bd559183ee4269b8d /extra
parent: df7ecf64f5b9c6fb4b7789a414306de89b58bec7 (diff)
Bug#21977380 - POSSIBLE BUFFER OVERFLOW ISSUES
DESCRIPTION
===========
Buffer overflow is reported in a lot of code sections spanning across
server, client programs, Regex libraries etc. If not handled appropriately,
they can cause abnormal behaviour.

ANALYSIS
========
The reported cases are the ones which are likely to result in SEGFAULT,
MEMORY LEAK etc.

FIX
===
- sprintf() has been replaced by my_snprintf() to avoid buffer overflow.
- my_free() is done after checking if the pointer isn't NULL already and
  setting it to NULL thereafter at a few places.
- Buffer is ensured to be large enough to hold the data.
- 'unsigned int' (aka 'uint') is replaced with 'size_t' to avoid wraparound.
- Memory is freed (if not done so) after it's alloced and used.
- Inserted assert() for size check in InnoDb memcached code (from 5.6
  onwards)
- Other minor changes
Diffstat (limited to 'extra')
-rw-r--r-- extra/yassl/src/log.cpp 4
1 files changed, 2 insertions, 2 deletions
diff --git a/extra/yassl/src/log.cpp b/extra/yassl/src/log.cpp
index 13c68295747..2f112ac35f9 100644
--- a/extra/yassl/src/log.cpp
+++ b/extra/yassl/src/log.cpp
@@ -1,6 +1,5 @@
/*
- Copyright (C) 2000-2007 MySQL AB
- Use is subject to license terms
+ Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -61,6 +60,7 @@ namespace yaSSL {
time_t clicks = time(0);
char timeStr[32];
+ memset(timeStr, 0, sizeof(timeStr));
// get rid of newline
strncpy(timeStr, ctime(&clicks), sizeof(timeStr));
unsigned int len = strlen(timeStr);
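Review bot: the added memset() on timeStr does not guarantee termination, because the strncpy() that follows is still given the full sizeof(timeStr) as its bound and will fill all 32 bytes without a trailing NUL if the source string is that long or longer; when the source is shorter, strncpy() already zero-pads the remainder, so the memset() changes nothing in that case either. Suggest bounding the copy with sizeof(timeStr) - 1 (keeping the memset), or writing timeStr[sizeof(timeStr) - 1] = 0 after the copy, so that the strlen(timeStr) on the next line can never read past the array. Two smaller points in the same context lines: the return value of ctime(&clicks) is passed straight to strncpy() without a NULL check, and len is still declared unsigned int although the commit message says such lengths are being moved to size_t.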