diff options
| author | Sergei Golubchik <sergii@pisem.net> | 2012-08-09 17:22:00 +0200 |
|---|---|---|
| committer | Sergei Golubchik <sergii@pisem.net> | 2012-08-09 17:22:00 +0200 |
| commit | d11829654c4ef5c3d0f997ca61a50d4bd196db8a (patch) | |
| tree | e48a5775e961b17600bf9c1c189243deb5515ba7 /sql-common | |
| parent | e022b6ef07529d83e8c1cbd5e3d374fc5cc75721 (diff) | |
| parent | 704898bf3200af4da42c1bf9251a7da5533db73f (diff) | |
| download | mariadb-git-d11829654c4ef5c3d0f997ca61a50d4bd196db8a.tar.gz | |
merge with MySQL 5.5.27
manually checked every change, reverted incorrect or stupid changes.
Diffstat (limited to 'sql-common')
| -rw-r--r-- | sql-common/client.c | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/sql-common/client.c b/sql-common/client.c index 349d844ebd3..9f58281ddbf 100644 --- a/sql-common/client.c +++ b/sql-common/client.c @@ -1,5 +1,5 @@ -/* - Copyright (c) 2003, 2011, Oracle and/or its affiliates. +/* Copyright (c) 2003, 2012, Oracle and/or its affiliates. + Copyright (c) 2009, 2012, Monty Program Ab This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -1439,7 +1439,7 @@ static void cli_fetch_lengths(ulong *to, MYSQL_ROW column, ***************************************************************************/ MYSQL_FIELD * -unpack_fields(MYSQL_DATA *data,MEM_ROOT *alloc,uint fields, +unpack_fields(MYSQL *mysql, MYSQL_DATA *data,MEM_ROOT *alloc,uint fields, my_bool default_value, uint server_capabilities) { MYSQL_ROWS *row; @@ -1452,6 +1452,7 @@ unpack_fields(MYSQL_DATA *data,MEM_ROOT *alloc,uint fields, if (!result) { free_rows(data); /* Free old data */ + set_mysql_error(mysql, CR_OUT_OF_MEMORY, unknown_sqlstate); DBUG_RETURN(0); } bzero((char*) field, (uint) sizeof(MYSQL_FIELD)*fields); @@ -1479,6 +1480,14 @@ unpack_fields(MYSQL_DATA *data,MEM_ROOT *alloc,uint fields, field->org_name_length= lengths[5]; /* Unpack fixed length parts */ + if (lengths[6] != 12) + { + /* malformed packet. signal an error. */ + free_rows(data); /* Free old data */ + set_mysql_error(mysql, CR_MALFORMED_PACKET, unknown_sqlstate); + DBUG_RETURN(0); + } + pos= (uchar*) row->data[6]; field->charsetnr= uint2korr(pos); field->length= (uint) uint4korr(pos+2); @@ -3361,6 +3370,12 @@ CLI_MYSQL_REAL_CONNECT(MYSQL *mysql,const char *host, const char *user, mysql->server_status=uint2korr(end+3); mysql->server_capabilities|= uint2korr(end+5) << 16; pkt_scramble_len= end[7]; + if (pkt_scramble_len < 0) + { + set_mysql_error(mysql, CR_MALFORMED_PACKET, + unknown_sqlstate); /* purecov: inspected */ + goto error; + } } end+= 18; @@ -3896,7 +3911,7 @@ get_info: if (!(fields=cli_read_rows(mysql,(MYSQL_FIELD*)0, protocol_41(mysql) ? 7:5))) DBUG_RETURN(1); - if (!(mysql->fields=unpack_fields(fields,&mysql->field_alloc, + if (!(mysql->fields=unpack_fields(mysql, fields,&mysql->field_alloc, (uint) field_count,0, mysql->server_capabilities))) DBUG_RETURN(1); |