summaryrefslogtreecommitdiff
path: root/libmysql
diff options
context:
space:
mode:
authorRafal Somla <rafal.somla@oracle.com>2011-09-29 17:02:16 +0200
committerRafal Somla <rafal.somla@oracle.com>2011-09-29 17:02:16 +0200
commit546cea3fd2bdcc76ab395686ec9a20fa0327e66f (patch)
tree5cd6702fdce40d68c95ffb20e1a0a377a873d13d /libmysql
parent0c775ea96f7d1c990da6a6a54c75e6c1fc8ae047 (diff)
downloadmariadb-git-546cea3fd2bdcc76ab395686ec9a20fa0327e66f.tar.gz
Bug#12982926 CLIENT CAN OVERRIDE ZERO-LENGTH-ALLOCATE BUFFER
Changes in client plugin needed for testing the issue (test instrumentation).
Diffstat (limited to 'libmysql')
-rw-r--r--libmysql/authentication_win/handshake_client.cc15
1 files changed, 15 insertions, 0 deletions
diff --git a/libmysql/authentication_win/handshake_client.cc b/libmysql/authentication_win/handshake_client.cc
index 565726651cb..02e5483da29 100644
--- a/libmysql/authentication_win/handshake_client.cc
+++ b/libmysql/authentication_win/handshake_client.cc
@@ -161,6 +161,21 @@ int Handshake_client::write_packet(Blob &data)
keep all the data.
*/
unsigned block_count= data.len()/512 + ((data.len() % 512) ? 1 : 0);
+
+#if !defined(DBUG_OFF) && defined(WINAUTH_USE_DBUG_LIB)
+
+ /*
+ For testing purposes, use wrong block count to see how server
+ handles this.
+ */
+ DBUG_EXECUTE_IF("winauth_first_packet_test",{
+ block_count= data.len() == 601 ? 0 :
+ data.len() == 602 ? 1 :
+ block_count;
+ });
+
+#endif
+
DBUG_ASSERT(block_count < (unsigned)0x100);
saved_byte= data[254];
data[254] = block_count;