diff options
author | Marcin Babij <marcin.babij@oracle.com> | 2014-07-02 10:45:22 +0200 |
---|---|---|
committer | Marcin Babij <marcin.babij@oracle.com> | 2014-07-02 10:45:22 +0200 |
commit | a69ab08b0b30a9c49047257f3eaf51dc0f041c06 (patch) | |
tree | f6f4a1be9d689085631efa0548f37f1011cfb2d3 /sql/mysqld.h | |
parent | 8ba44294b85aa6ec4eb763d89ad10c9b3c25a1ce (diff) | |
download | mariadb-git-a69ab08b0b30a9c49047257f3eaf51dc0f041c06.tar.gz |
BUG#18779944: MYSQLDUMP BUFFER OVERFLOW
Mysqldump overflows stack buffer when copying table name from commandline arguments resulting in stack corruption and ability to execute arbitrary code.
Fix: Check length of all positional arguments passed to mysqldump is smaller than NAME_LEN.
Note: Mysqldump heavily depends on that database objects (databases, tablespaces, tables, etc) are limited to small size (now it is 64).
Diffstat (limited to 'sql/mysqld.h')
0 files changed, 0 insertions, 0 deletions