maria-developers team mailing list archive

Thread
Date

Re: shrink() in sql_string.h

To: maria-developers@xxxxxxxxxxxxxxxxxxx
From: MARK CALLAGHAN <mdcallag@xxxxxxxxx>
Date: Thu, 7 Jun 2012 10:49:22 -0700
In-reply-to: <CAFbpF8Ohp3x0oCJmTuHWU16K50+L89g8RCKr8Au=hv=d1ecURg@mail.gmail.com>

Filed http://bugs.mysql.com/bug.php?id=65562
Found a fix too.

On Wed, Jun 6, 2012 at 4:14 PM, MARK CALLAGHAN <mdcallag@xxxxxxxxx> wrote:
> Why doesn't the shrink() method in sql_string.h check the value of
> alloced before calling my_realloc? my_realloc might free Ptr, but when
> alloced=0 that memory is not owned by the string.
>
> 2            bk@work |   inline void shrink(uint32 arg_length)
>  // Shrink buffer
> 2            bk@work |   {
> 2            bk@work |     if (arg_length < Alloced_length)
> 2            bk@work |     {
> 2            bk@work |       char *new_ptr;
> 2            bk@work |       if (!(new_ptr=(char*)
> my_realloc(Ptr,arg_length,MYF(0))))
> 2            bk@work |       {
> 228          sasha@m |  Alloced_length = 0;
> 2            bk@work |  real_alloc(arg_length);
> 2            bk@work |       }
> 2            bk@work |       else
> 2            bk@work |       {
> 2            bk@work |  Ptr=new_ptr;
> 2            bk@work |  Alloced_length=arg_length;
> 2            bk@work |       }
> 2            bk@work |     }
> 2            bk@work |   }
>
>
> --
> Mark Callaghan
> mdcallag@xxxxxxxxx



-- 
Mark Callaghan
mdcallag@xxxxxxxxx

References

shrink() in sql_string.h
From: MARK CALLAGHAN, 2012-06-06