mirror of
https://github.com/MariaDB/server.git
synced 2025-01-16 20:12:31 +01:00
9320dca994
The problem was that server didn't check resulting size of prepared statement argument which was set using mysql_send_long_data() API. By calling mysql_send_long_data() several times it was possible to create overly big string and thus force server to allocate memory for it. There was no way to limit this allocation. The solution is to add check for size of result string against value of max_long_data_size start-up parameter. When intermediate string exceeds max_long_data_size value an appropriate error message is emitted. We can't use existing max_allowed_packet parameter for this purpose since its value is limited by 1GB and therefore using it as a limit for data set through mysql_send_long_data() API would have been an incompatible change. Newly introduced max_long_data_size parameter gets value from max_allowed_packet parameter unless its value is specified explicitly. This new parameter is marked as deprecated and will be eventually replaced by max_allowed_packet parameter. Value of max_long_data_size parameter can be set only at server startup. mysql-test/t/variables.test: Added checking for new start-up parameter max_long_data_size. sql/item.cc: Added call to my_message() when accumulated string exceeds max_long_data_size value. my_message() calls error handler that was installed in mysql_stmt_get_longdata before call to Item_param::set_longdata. The error handler then sets state, last_error and last_errno fields for current statement to values which correspond to error which was caught. sql/mysql_priv.h: Added max_long_data_size variable declaration. sql/mysqld.cc: Added support for start-up parameter 'max_long_data_size'. This parameter limits size of data which can be sent from client to server using mysql_send_long_data() API. sql/set_var.cc: Added variable 'max_long_data_size' into list of variables displayed by command 'show variables'. sql/sql_prepare.cc: Added error handler class Set_longdata_error_handler. This handler is used to catch any errors that can be generated during execution of Item_param::set_longdata(). Source code snippet that makes checking for statement's state during statement execution is moved from Prepared_statement::execute() to Prepared_statement::execute_loop() in order not to call set_parameters() when statement has failed during set_long_data() execution. If this hadn't been done the call to set_parameters() would have failed. tests/mysql_client_test.c: A testcase for the bug #56976 was added. |
||
|---|---|---|
| .. | ||
| .cvsignore | ||
| auto_increment.res | ||
| auto_increment.tst | ||
| big_record.pl | ||
| bug25714.c | ||
| CMakeLists.txt | ||
| connect_test.c | ||
| deadlock_test.c | ||
| drop_test.pl | ||
| export.pl | ||
| fork2_test.pl | ||
| fork_big.pl | ||
| fork_big2.pl | ||
| function.res | ||
| function.tst | ||
| grant.pl | ||
| grant.res | ||
| index_corrupt.pl | ||
| insert_and_repair.pl | ||
| insert_test.c | ||
| list_test.c | ||
| lock_test.pl | ||
| lock_test.res | ||
| mail_to_db.pl | ||
| Makefile.am | ||
| myisam-big-rows.tst | ||
| mysql_client_test.c | ||
| pmail.pl | ||
| rename_test.pl | ||
| restore-lock.smack | ||
| select_test.c | ||
| showdb_test.c | ||
| ssl_test.c | ||
| table_types.pl | ||
| test_delayed_insert.pl | ||
| thread_test.c | ||
| truncate.pl | ||