-rw-r--r--client/mysql.cc5
-rw-r--r--mysys/mf_pack.c4
-rw-r--r--sql/log.cc4
-rw-r--r--sql/repl_failsafe.cc2
-rw-r--r--sql/sp.cc2
-rw-r--r--sql/unireg.cc8
-rw-r--r--strings/strmake.c30
7 files changed, 34 insertions, 21 deletions
diff --git a/client/mysql.cc b/client/mysql.cc
index 999a37e0f7e..d39a0554994 100644
--- a/client/mysql.cc
+++ b/client/mysql.cc
@@ -3085,7 +3085,10 @@ com_connect(String *buffer, char *line)
Two null bytes are needed in the end of buff to allow
get_arg to find end of string the second time it's called.
*/
- strmake(buff, line, sizeof(buff)-2);
+ tmp= strmake(buff, line, sizeof(buff)-2);
+#ifdef EXTRA_DEBUG
+ tmp[1]= 0;
+#endif
tmp= get_arg(buff, 0);
if (tmp && *tmp)
{
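Review bot: The second terminating NUL that the comment above says get_arg needs is written only when EXTRA_DEBUG is defined (`tmp[1]= 0;`). Release builds therefore still depend on buff having been zeroed earlier, which is not visible in this hunk. strmake() returns a pointer to the terminator and the length is capped at sizeof(buff)-2, so tmp[1] is always inside buff. I would drop the `#ifdef` and write `tmp[1]= 0;` unconditionally. com_connect's body starts and ends outside the hunk.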
diff --git a/mysys/mf_pack.c b/mysys/mf_pack.c
index d14c24f35d7..9e8b6516f63 100644
--- a/mysys/mf_pack.c
+++ b/mysys/mf_pack.c
@@ -271,7 +271,7 @@ void symdirget(char *dir)
SYNOPSIS
unpack_dirname()
- to Store result here. May be = from
+ to result-buffer, FN_REFLEN characters. may be == from
from 'Packed' directory name (may contain ~)
IMPLEMENTATION
@@ -397,7 +397,7 @@ uint unpack_filename(my_string to, const char *from)
/* Convert filename (unix standard) to system standard */
/* Used before system command's like open(), create() .. */
- /* Returns length of to */
+ /* Returns used length of to; total length should be FN_REFLEN */
uint system_filename(my_string to, const char *from)
{
diff --git a/sql/log.cc b/sql/log.cc
index af03cecd462..e66d965c613 100644
--- a/sql/log.cc
+++ b/sql/log.cc
@@ -1284,10 +1284,10 @@ err:
void MYSQL_LOG::make_log_name(char* buf, const char* log_ident)
{
uint dir_len = dirname_length(log_file_name);
- if (dir_len > FN_REFLEN)
+ if (dir_len >= FN_REFLEN)
dir_len=FN_REFLEN-1;
strnmov(buf, log_file_name, dir_len);
- strmake(buf+dir_len, log_ident, FN_REFLEN - dir_len);
+ strmake(buf+dir_len, log_ident, FN_REFLEN - dir_len -1);
}
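Review bot: make_log_name() takes no size for buf, yet the corrected arithmetic hard-codes the assumption that buf holds FN_REFLEN bytes, and nothing in the signature or a comment tells callers so. I would add a header comment such as `/* buf must be at least FN_REFLEN bytes; the result is truncated to FN_REFLEN-1 characters plus the terminating '\0' */`. Because the function returns void, the truncation is silent and a caller cannot tell a shortened log name from a complete one.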
diff --git a/sql/repl_failsafe.cc b/sql/repl_failsafe.cc
index 1dc16b6e566..896315ec82f 100644
--- a/sql/repl_failsafe.cc
+++ b/sql/repl_failsafe.cc
@@ -922,7 +922,7 @@ bool load_master_data(THD* thd)
0, (SLAVE_IO | SLAVE_SQL)))
my_message(ER_MASTER_INFO, ER(ER_MASTER_INFO), MYF(0));
strmake(active_mi->master_log_name, row[0],
- sizeof(active_mi->master_log_name));
+ sizeof(active_mi->master_log_name) -1);
active_mi->master_log_pos= my_strtoll10(row[1], (char**) 0, &error_2);
/* at least in recent versions, the condition below should be false */
if (active_mi->master_log_pos < BIN_LOG_HEADER_SIZE)
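Review bot: With the corrected bound, a row[0] longer than master_log_name is cut short without any error, so the stored log name would differ from the one received. row[] appears to come from the master's reply, although its origin is outside the hunk. I would reject over-long values before the copy by testing `strlen(row[0]) >= sizeof(active_mi->master_log_name)` and taking the function's existing error path. The same silent truncation applies to make_log_name() in sql/log.cc. load_master_data's body extends beyond the hunk on both sides.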
diff --git a/sql/sp.cc b/sql/sp.cc
index 0b84e1ad07f..f8b039626f9 100644
--- a/sql/sp.cc
+++ b/sql/sp.cc
@@ -1895,7 +1895,7 @@ sp_use_new_db(THD *thd, LEX_STRING new_db, LEX_STRING *old_db,
if (thd->db)
{
- old_db->length= (strmake(old_db->str, thd->db, old_db->length) -
+ old_db->length= (strmake(old_db->str, thd->db, old_db->length - 1) -
old_db->str);
}
else
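Review bot: `old_db->length - 1` wraps to a very large value if a caller ever passes old_db->length == 0, assuming the length member of LEX_STRING is unsigned. strmake() would then copy thd->db with effectively no bound. The hunk does not show what callers guarantee, so I would state the precondition with `DBUG_ASSERT(old_db->length > 0);` before the call, or skip the copy when the length is zero. sp_use_new_db's body starts and ends outside the hunk.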
diff --git a/sql/unireg.cc b/sql/unireg.cc
index 9e6c77d7b62..b581ad4655a 100644
--- a/sql/unireg.cc
+++ b/sql/unireg.cc
@@ -165,6 +165,14 @@ bool mysql_create_frm(THD *thd, my_string file_name,
strmake((char*) forminfo+47, create_info->comment.str ?
create_info->comment.str : "", create_info->comment.length);
forminfo[46]=(uchar) create_info->comment.length;
+#ifdef EXTRA_DEBUG
+ /*
+ EXTRA_DEBUG causes strmake() to initialize its buffer behind the
+ payload with a magic value to detect wrong buffer-sizes. We
+ explicitly zero that segment again.
+ */
+ memset((char*) forminfo+47 + forminfo[46], 0, 61 - forminfo[46]);
+#endif
if (my_pwrite(file,(byte*) fileinfo,64,0L,MYF_RW) ||
my_pwrite(file,(byte*) keybuff,key_info_length,
(ulong) uint2korr(fileinfo+6),MYF_RW))
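Review bot: The size argument `61 - forminfo[46]` goes negative and converts to a huge size_t whenever the stored comment length exceeds 61, and no bound on create_info->comment.length is visible in this hunk. Even in a debug-only path I would guard the call, e.g. `if (forminfo[46] < 61) memset((char*) forminfo+47 + forminfo[46], 0, 61 - forminfo[46]);`. Naming the constants 47 and 61 would also tie the field offset and width to the forminfo layout. Note that the memset starts at the terminator position, whereas the strmake() fill in this commit covers the bytes up to and including dst[length], so it is worth confirming that this range is the one that needs clearing.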
diff --git a/strings/strmake.c b/strings/strmake.c
index 5ca4688de46..05b5878d99c 100644
--- a/strings/strmake.c
+++ b/strings/strmake.c
@@ -27,23 +27,25 @@
#include <my_global.h>
#include "m_string.h"
-#ifdef BAD_STRING_COMPILER
-
-char *strmake(char *dst,const char *src,uint length)
+char *strmake(register char *dst, register const char *src, uint length)
{
- reg1 char *res;
-
- if ((res=memccpy(dst,src,0,length)))
- return res-1;
- dst[length]=0;
- return dst+length;
-}
-
-#define strmake strmake_overlapp /* Use orginal for overlapping str */
+#ifdef EXTRA_DEBUG
+ /*
+ 'length' is the maximum length of the string; the buffer needs
+ to be one character larger to accomodate the terminating '\0'.
+ This is easy to get wrong, so we make sure we write to the
+ entire length of the buffer to identify incorrect buffer-sizes.
+ We only initialise the "unused" part of the buffer here, a) for
+ efficiency, and b) because dst==src is allowed, so initialising
+ the entire buffer would overwrite the source-string. Also, we
+ write a character rather than '\0' as this makes spotting these
+ problems in the results easier.
+ */
+ uint n= strlen(src) + 1;
+ if (n <= length)
+ memset(dst + n, (int) 'Z', length - n + 1);
#endif
-char *strmake(register char *dst, register const char *src, uint length)
-{
while (length--)
if (! (*dst++ = *src++))
return dst-1;
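Review bot: The EXTRA_DEBUG block calls `strlen(src)` with no bound, but the copy loop below reads at most `length` bytes of src. A source that is not NUL-terminated within `length`, which the loop tolerates, is therefore read past its end in debug builds. I would bound the scan instead: `const char *end= memchr(src, 0, length); if (end) memset(dst + (end - src) + 1, (int) 'Z', length - (end - src));`, which fills the same range as the current code when a terminator is found. The comment covers dst==src only; a src that overlaps dst further into the buffer would be overwritten by the fill before it is copied. The function body continues outside the hunk.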