diff options
| author | Monty <monty@mariadb.org> | 2020-05-15 16:15:49 +0300 |
|---|---|---|
| committer | Monty <monty@mariadb.org> | 2020-05-23 12:29:10 +0300 |
| commit | c4bf4b7aefcd95b898ea9c8714d09fc1045f304c (patch) | |
| tree | f45c4aefb9e22ecadf8e2e8ac19d0673c88a8e69 /sql | |
| parent | dcc0baf5405b220384b9e1e07d8b9e3ff97b60f4 (diff) | |
| download | mariadb-git-c4bf4b7aefcd95b898ea9c8714d09fc1045f304c.tar.gz | |
Fixed access to undefined memory found by valgrind and MSAN
When my_vsnprintf() is patched, the code protected disabled with
'WAITING_FOR_BUGFIX_TO_VSPRINTF' should be enabled again. Also all %b
formats in this patch should be revert to %s again
Diffstat (limited to 'sql')
| -rw-r--r-- | sql/item_subselect.cc | 4 | ||||
| -rw-r--r-- | sql/protocol.cc | 2 | ||||
| -rw-r--r-- | sql/signal_handler.cc | 3 | ||||
| -rw-r--r-- | sql/tztime.cc | 2 |
4 files changed, 6 insertions, 5 deletions
diff --git a/sql/item_subselect.cc b/sql/item_subselect.cc index be78f333951..10218f392c7 100644 --- a/sql/item_subselect.cc +++ b/sql/item_subselect.cc @@ -728,8 +728,8 @@ bool Item_subselect::exec() QT_WITHOUT_INTRODUCERS)); push_warning_printf(thd, Sql_condition::WARN_LEVEL_NOTE, - ER_UNKNOWN_ERROR, "DBUG: Item_subselect::exec %.*s", - print.length(),print.c_ptr()); + ER_UNKNOWN_ERROR, "DBUG: Item_subselect::exec %.*b", + print.length(),print.ptr()); ); /* Do not execute subselect in case of a fatal error diff --git a/sql/protocol.cc b/sql/protocol.cc index 1829294097d..d565a818f31 100644 --- a/sql/protocol.cc +++ b/sql/protocol.cc @@ -1218,7 +1218,7 @@ bool Protocol_text::store(const char *from, size_t length, { CHARSET_INFO *tocs= this->thd->variables.character_set_results; #ifndef DBUG_OFF - DBUG_PRINT("info", ("Protocol_text::store field %u (%u): %.*s", field_pos, + DBUG_PRINT("info", ("Protocol_text::store field %u (%u): %.*b", field_pos, field_count, (int) length, (length == 0 ? "" : from))); DBUG_ASSERT(field_handlers == 0 || field_pos < field_count); DBUG_ASSERT(valid_handler(field_pos, PROTOCOL_SEND_STRING)); diff --git a/sql/signal_handler.cc b/sql/signal_handler.cc index 467985c1270..147b2568981 100644 --- a/sql/signal_handler.cc +++ b/sql/signal_handler.cc @@ -52,8 +52,9 @@ static inline void output_core_info() char buff[PATH_MAX]; ssize_t len; int fd; - if ((len= readlink("/proc/self/cwd", buff, sizeof(buff))) >= 0) + if ((len= readlink("/proc/self/cwd", buff, sizeof(buff)-1)) >= 0) { + buff[len]= 0; my_safe_printf_stderr("Writing a core file...\nWorking directory at %.*s\n", (int) len, buff); } diff --git a/sql/tztime.cc b/sql/tztime.cc index 36f527113ea..9797b1d4a22 100644 --- a/sql/tztime.cc +++ b/sql/tztime.cc @@ -1900,7 +1900,7 @@ tz_load_from_open_tables(const String *tz_name, TABLE_LIST *tz_tables) Most probably user has mistyped time zone name, so no need to bark here unless we need it for debugging. */ - sql_print_error("Can't find description of time zone '%.*s'", + sql_print_error("Can't find description of time zone '%.*b'", tz_name->length(), tz_name->ptr()); #endif goto end; |