mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-29 02:05:57 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Bug#24498 Stack overflow in mysqltest

Browse source 
- Thanks to Vasil Dimov for the patch!


client/mysqltest.c:
  Use my_snprintf to protect against exceeding size of buff
  Since variable name and valu might not be null terminated it's necessary to
  provide the length of the format specifiers.
This commit is contained in:
unknown 2006-12-08 16:08:54 +01:00
parent ca1aebbd57
commit 33a098bf76
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
client/mysqltest.c
View file

@ -1240,7 +1240,9 @@ void var_set(const char *var_name, const char *var_name_end,
v->int_dirty= 0;
v->str_val_len= strlen(v->str_val);
}
strxmov(buf, v->name, "=", v->str_val, NullS);
my_snprintf(buf, sizeof(buf), "%.*s=%.*s",
v->name_len, v->name,
v->str_val_len, v->str_val);
if (!(v->env_s= my_strdup(buf, MYF(MY_WME))))
die("Out of memory");
putenv(v->env_s);