diff options
| author | svoj@mysql.com/june.mysql.com <> | 2007-10-30 14:46:43 +0400 |
|---|---|---|
| committer | svoj@mysql.com/june.mysql.com <> | 2007-10-30 14:46:43 +0400 |
| commit | cbd3dfbbcb85ffd4c3aecbf238857e9dc0a95be8 (patch) | |
| tree | 4bece81268f470eec4fb2213e8f90bfdca3fc13a /myisam | |
| parent | 0253d7875d592996b2234d211fa0d34bc7d494f8 (diff) | |
| download | mariadb-git-cbd3dfbbcb85ffd4c3aecbf238857e9dc0a95be8.tar.gz | |
BUG#11392 - fulltext search bug
Fulltext boolean mode phrase search may crash server on platforms
where size of pointer is not equal to size of unsigned integer
(in other words some 64-bit platforms).
The problem was integer overflow.
Affects 4.1 only.
Diffstat (limited to 'myisam')
| -rw-r--r-- | myisam/ft_boolean_search.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/myisam/ft_boolean_search.c b/myisam/ft_boolean_search.c index f1ff8f6d886..fad25abcc6c 100644 --- a/myisam/ft_boolean_search.c +++ b/myisam/ft_boolean_search.c @@ -446,7 +446,8 @@ static int _ftb_strstr(const byte *s0, const byte *e0, { if (cs->coll->instr(cs, p0, e0 - p0, s1, e1 - s1, m, 2) != 2) return(0); - if ((!s_after || p0 + m[1].beg == s0 || !true_word_char(cs, p0[m[1].beg-1])) && + if ((!s_after || p0 + m[1].beg == s0 || + !true_word_char(cs, p0[(int) m[1].beg - 1])) && (!e_before || p0 + m[1].end == e0 || !true_word_char(cs, p0[m[1].end]))) return(1); p0+= m[1].beg; |