Bug#21973610: BUFFER OVERFLOW ISSUES

Description : Incorrect usage of sprintf/strcpy caused possible buffer overflow issues at various places. Solution : - Fixed mysql_plugin and mysqlshow - Fixed regex library issues Reviewed-By : Georgi Kodinov <georgi.kodinov@oracle.com> Reviewed-By : Venkata S Murthy Sidagam <venkata.sidagam@oracle.com>
author: Harin Vadodaria <harin.vadodaria@oracle.com> 2015-11-06 16:41:55 +0530
committer: Harin Vadodaria <harin.vadodaria@oracle.com> 2015-11-06 16:41:55 +0530
commit: 0dbd5a8797ed4bd18e8b883988fb62177eb0f73f (patch)
tree: 1bab2534ca81a99100fa6ed3edcd8111a058d25f /libmysql
parent: fd9831410dfc878420fcd95dc576b955e94d2c76 (diff)
download: mariadb-git-0dbd5a8797ed4bd18e8b883988fb62177eb0f73f.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/libmysql/conf_to_src.c b/libmysql/conf_to_src.c
index a5a7d23db0b..0e92388c93c 100644
--- a/libmysql/conf_to_src.c
+++ b/libmysql/conf_to_src.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+/* Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -118,7 +118,7 @@ print_arrays_for(char *set)
 {
   FILE *f;
 
-  sprintf(buf, "%s.conf", set);
+  snprintf(buf, sizeof(buf), "%s.conf", set);
 
   if ((f = fopen(buf, "r")) == NULL) {
     fprintf(stderr, "%s: can't read conf file for charset %s\n", prog, set);
author	Harin Vadodaria <harin.vadodaria@oracle.com>	2015-11-06 16:41:55 +0530
committer	Harin Vadodaria <harin.vadodaria@oracle.com>	2015-11-06 16:41:55 +0530
commit	0dbd5a8797ed4bd18e8b883988fb62177eb0f73f (patch)
tree	1bab2534ca81a99100fa6ed3edcd8111a058d25f /libmysql
parent	fd9831410dfc878420fcd95dc576b955e94d2c76 (diff)
download	mariadb-git-0dbd5a8797ed4bd18e8b883988fb62177eb0f73f.tar.gz