MDEV-28315 Fix ASAN stack-buffer-overflow in String::copy_aligned

Starting since this commit 36cdd5c3cdb06d8538f64c0b312ffe4672a92e75 there is an ASAN stack-buffer-overflow error because we append a NULL terminator beyond the length of memory allocated. Reviewed by: Monty and Nayuta Yanagisawa
author: Norio Akagi <redtree.dev1112@gmail.com> 2022-08-01 04:27:33 -0700
committer: GitHub <noreply@github.com> 2022-08-01 20:27:33 +0900
commit: 84d26f98c7f2007d9414c33dcbfdddd3a24c9a60 (patch)
tree: dd1dc3ba5ba9cd233536ef968067aaee31df0966 /sql/sql_string.cc
parent: 63478e72de6940abae6bb2d3b35c9b1ffa7180d9 (diff)
download: mariadb-git-84d26f98c7f2007d9414c33dcbfdddd3a24c9a60.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/sql/sql_string.cc b/sql/sql_string.cc
index 991b65ef4b2..90693f407fb 100644
--- a/sql/sql_string.cc
+++ b/sql/sql_string.cc
@@ -398,7 +398,7 @@ bool String::copy_aligned(const char *str, size_t arg_length, size_t offset,
   DBUG_ASSERT(offset && offset != cs->mbminlen);
 
   size_t aligned_length= arg_length + offset;
-  if (alloc(aligned_length))
+  if (alloc(aligned_length+1))
     return TRUE;
   
   /*
author	Norio Akagi <redtree.dev1112@gmail.com>	2022-08-01 04:27:33 -0700
committer	GitHub <noreply@github.com>	2022-08-01 20:27:33 +0900
commit	84d26f98c7f2007d9414c33dcbfdddd3a24c9a60 (patch)
tree	dd1dc3ba5ba9cd233536ef968067aaee31df0966 /sql/sql_string.cc
parent	63478e72de6940abae6bb2d3b35c9b1ffa7180d9 (diff)
download	mariadb-git-84d26f98c7f2007d9414c33dcbfdddd3a24c9a60.tar.gz