maria-developers team mailing list archive

Thread
Date

[Branch ~maria-captains/maria/5.1] Rev 2850: Fix missing bounds check in string conversion.

To: "askmonty.org Worklog" <worklog-db@xxxxxxxxxxxx>
From: noreply@xxxxxxxxxxxxx
Date: Thu, 29 Apr 2010 07:38:38 -0000
Delivered-to: worklog-db@xxxxxxxxxxxx
Reply-to: noreply@xxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

------------------------------------------------------------
revno: 2850
committer: knielsen@xxxxxxxxxxxxxxx
branch nick: tmp
timestamp: Thu 2010-04-29 09:29:04 +0200
message:
  Fix missing bounds check in string conversion.
  Bump version number for security fix release.
modified:
  configure.in
  strings/ctype-utf8.c


--
lp:maria
https://code.launchpad.net/~maria-captains/maria/5.1

Your team Maria developers is subscribed to branch lp:maria.
To unsubscribe from this branch go to https://code.launchpad.net/~maria-captains/maria/5.1/+edit-subscription

=== modified file 'configure.in'
--- configure.in	2010-03-04 08:03:07 +0000
+++ configure.in	2010-04-29 07:29:04 +0000
@@ -7,7 +7,7 @@
 # Remember to also update version.c in ndb.
 # When changing major version number please also check switch statement
 # in mysqlbinlog::check_master_version().
-AC_INIT([MariaDB Server], [5.1.44-MariaDB], [], [mysql])
+AC_INIT([MariaDB Server], [5.1.44a-MariaDB], [], [mysql])
 AC_CONFIG_SRCDIR([sql/mysqld.cc])
 AC_CANONICAL_SYSTEM
 # USTAR format gives us the possibility to store longer path names in

=== modified file 'strings/ctype-utf8.c'
--- strings/ctype-utf8.c	2010-03-30 12:36:49 +0000
+++ strings/ctype-utf8.c	2010-04-29 07:29:04 +0000
@@ -4116,6 +4116,10 @@
 {
   int code;
   char hex[]= "0123456789abcdef";
+
+  if (s >= e)
+    return MY_CS_TOOSMALL;
+
   if (wc < 128 && filename_safe_char[wc])
   {
     *s= (uchar) wc;