BUG#13556107: CHECK AND REPAIR TABLE SHOULD BE MORE ROBUST [3]

Problem description: Incorrect key file. Key file is corrupted, while reading the keys from the file. The problem here is that keyseg->start (which should point to the beginning of a field) is pointing beyond total record length. Fix: If keyseg->start is greater than total record length then return error.
author: Venkata Sidagam <venkata.sidagam@oracle.com> 2012-11-14 17:02:36 +0530
committer: Venkata Sidagam <venkata.sidagam@oracle.com> 2012-11-14 17:02:36 +0530
commit: d075f0fab72d40ca324285d3bedcdc43bbe06339 (patch)
tree: c1ed150101ebf7636bf694aecacc5dfb0b34fe5d /storage/myisam
parent: a3b6f73ada16445926b192da8df78a8fc29f4365 (diff)
download: mariadb-git-d075f0fab72d40ca324285d3bedcdc43bbe06339.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/storage/myisam/mi_open.c b/storage/myisam/mi_open.c
index 5951aef6d4f..93f70a5d340 100644
--- a/storage/myisam/mi_open.c
+++ b/storage/myisam/mi_open.c
@@ -343,6 +343,12 @@ MI_INFO *mi_open(const char *name, int mode, uint open_flags)
 	  }
 	  else if (pos->type == HA_KEYTYPE_BINARY)
 	    pos->charset= &my_charset_bin;
+          if (!(share->keyinfo[i].flag & HA_SPATIAL) &&
+              pos->start > share->base.reclength)
+          {
+            my_errno= HA_ERR_CRASHED;
+            goto err;
+          }
 	}
 	if (share->keyinfo[i].flag & HA_SPATIAL)
 	{
author	Venkata Sidagam <venkata.sidagam@oracle.com>	2012-11-14 17:02:36 +0530
committer	Venkata Sidagam <venkata.sidagam@oracle.com>	2012-11-14 17:02:36 +0530
commit	d075f0fab72d40ca324285d3bedcdc43bbe06339 (patch)
tree	c1ed150101ebf7636bf694aecacc5dfb0b34fe5d /storage/myisam
parent	a3b6f73ada16445926b192da8df78a8fc29f4365 (diff)
download	mariadb-git-d075f0fab72d40ca324285d3bedcdc43bbe06339.tar.gz