mirror of
https://github.com/MariaDB/server.git
synced 2025-01-29 02:05:57 +01:00
9d72fb4af0
DESCRIPTION =========== Buffer overflow is reported in a lot of code sections spanning across server, client programs, Regex libraries etc. If not handled appropriately, they can cause abnormal behaviour. ANALYSIS ======== The reported casea are the ones which are likely to result in SEGFAULT, MEMORY LEAK etc. FIX === - sprintf() has been replaced by my_snprintf() to avoid buffer overflow. - my_free() is done after checking if the pointer isn't NULL already and setting it to NULL thereafter at few places. - Buffer is ensured to be large enough to hold the data. - 'unsigned int' (aka 'uint') is replaced with 'size_t' to avoid wraparound. - Memory is freed (if not done so) after its alloced and used. - Inserted assert() for size check in InnoDb memcached code (from 5.6 onwards) - Other minor changes (cherry picked from commit 3487e20959c940cbd24429afa795ebfc8a01e94f) |
||
|---|---|---|
| .. | ||
| client_priv.h | ||
| CMakeLists.txt | ||
| completion_hash.cc | ||
| completion_hash.h | ||
| echo.c | ||
| get_password.c | ||
| my_readline.h | ||
| mysql.cc | ||
| mysql_plugin.c | ||
| mysql_upgrade.c | ||
| mysqladmin.cc | ||
| mysqlbinlog.cc | ||
| mysqlcheck.c | ||
| mysqldump.c | ||
| mysqlimport.c | ||
| mysqlshow.c | ||
| mysqlslap.c | ||
| mysqltest.cc | ||
| readline.cc | ||
| sql_string.cc | ||
| sql_string.h | ||