diff options
| author | Sergei Golubchik <sergii@pisem.net> | 2013-12-09 12:38:09 +0100 |
|---|---|---|
| committer | Sergei Golubchik <sergii@pisem.net> | 2013-12-09 12:38:09 +0100 |
| commit | e252af7b7e505741645384cf511354e348fbb1c0 (patch) | |
| tree | 536a262648c105a756908e552531ca3d3e2effe2 /sql/sql_acl.cc | |
| parent | bec1d903d944acd5c28c3f4f2d22b84ddae63ea2 (diff) | |
| download | mariadb-git-e252af7b7e505741645384cf511354e348fbb1c0.tar.gz | |
reuse new safe_net_field_length_ll function where appropriate
Diffstat (limited to 'sql/sql_acl.cc')
| -rw-r--r-- | sql/sql_acl.cc | 35 |
1 files changed, 10 insertions, 25 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 4ce41e103bd..b4786bfd529 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -11112,36 +11112,21 @@ static bool read_client_connect_attrs(char **ptr, char *end, const CHARSET_INFO *from_cs) { - size_t length, length_length; - size_t max_bytes_available= end - *ptr; + size_t length; + char *ptr_save= *ptr; + /* not enough bytes to hold the length */ - if ((*ptr) >= (end - 1)) + if (ptr_save >= end) return true; - /* read the length */ - if (max_bytes_available >= 9) - { - char *ptr_save= *ptr; - length= net_field_length_ll((uchar **) ptr); - length_length= *ptr - ptr_save; - DBUG_ASSERT(length_length <= 9); - } - else - { - /* to avoid reading unallocated and uninitialized memory */ - char buf[10]={'\0','\0','\0','\0','\0','\0','\0','\0','\0','\0',}, - *len_ptr= buf; - memcpy(buf, *ptr, max_bytes_available); - length= net_field_length_ll((uchar **) &len_ptr); - length_length= len_ptr - buf; - *ptr+= length_length; - if (max_bytes_available < length_length) - return true; - } - max_bytes_available-= length_length; + length= safe_net_field_length_ll((uchar **) ptr, end - ptr_save); + + /* cannot even read the length */ + if (*ptr == NULL) + return true; /* length says there're more data than can fit into the packet */ - if (length > max_bytes_available) + if (*ptr + length > end) return true; /* impose an artificial length limit of 64k */ |