← Back to team overview

maria-developers team mailing list archive

Re: fbe1dad15a1: Ensure that we do not allocate strings bigger than 4G in String objects.

 

Hi, Monty!

On Apr 16, Michael Widenius wrote:
> revision-id: fbe1dad15a1 (mariadb-10.5.2-555-gfbe1dad15a1)
> parent(s): 57c19902326
> author: Michael Widenius <michael.widenius@xxxxxxxxx>
> committer: Michael Widenius <michael.widenius@xxxxxxxxx>
> timestamp: 2021-03-25 12:06:34 +0200
> message:
> 
> Ensure that we do not allocate strings bigger than 4G in String objects.
> 
> This is needed as we are using uint32 for allocated and current length.
> 
> diff --git a/sql/sql_string.cc b/sql/sql_string.cc
> index 9c57bb22085..fedf5f4a48a 100644
> --- a/sql/sql_string.cc
> +++ b/sql/sql_string.cc
> @@ -37,6 +37,8 @@ bool Binary_string::real_alloc(size_t length)
>    DBUG_ASSERT(arg_length > length);
>    if (arg_length <= length)
>      return TRUE;                                 /* Overflow */
> +  if (arg_length >= UINT_MAX32)
> +    return FALSE;
>    str_length=0;
>    if (Alloced_length < arg_length)
>    {
> @@ -45,7 +47,6 @@ bool Binary_string::real_alloc(size_t length)
>                                  arg_length,MYF(MY_WME | (thread_specific ?
>                                                  MY_THREAD_SPECIFIC : 0)))))
>        return TRUE;
> -    DBUG_ASSERT(length < UINT_MAX32);
>      Alloced_length=(uint32) arg_length;
>      alloced=1;

I liked assert more. It meant that we should never under any
circumstances request more than 4G from Binary_string::real_alloc.

You're saying that it's ok to do it and Binary_string::real_alloc
should be ready to deal with it.

I'd say the first approach was better, >4G should just never happen.
 
Regards,
Sergei


Follow ups