mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-19 05:22:25 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mariadb/sql
History
Davi Arnaut d4c75b7d0f Bug#38823: Invalid memory access when a SP statement does wildcard expansion 
The problem is that field names constructed due to wild-card
expansion done inside a stored procedure could point to freed
memory if the expansion was performed after the first call to
the stored procedure.

The problem was solved by patch for Bug#38691. The solution
was to allocate the database, table and field names in the
in the statement memory instead of table memory.
2008-10-14 11:04:36 -03:00
..
examples
share
.cvsignore
add_errmsg
client_settings.h
CMakeLists.txt
custom_conf.h
derror.cc
des_key_file.cc
discover.cc
field.cc Bug#38469 invalid memory read and/or crash with utf8 text field, stored procedure, uservar 2008-09-20 10:51:03 +02:00
field.h Bug#38469 invalid memory read and/or crash with utf8 text field, stored procedure, uservar 2008-09-20 10:51:03 +02:00
field_conv.cc
filesort.cc
frm_crypt.cc
gen_lex_hash.cc
gstream.cc
gstream.h
ha_archive.cc
ha_archive.h
ha_berkeley.cc
ha_berkeley.h
ha_blackhole.cc
ha_blackhole.h
ha_federated.cc Fix for bug #34779: crash in checksum table on federated tables 2008-08-15 11:40:05 +05:00
ha_federated.h
ha_heap.cc
ha_heap.h
ha_innodb.cc Cherry-pick InnoDB fixes for Bug#34286, Bug#35352, and Bug#36600 from snapshot 2008-07-31 15:47:57 -06:00
ha_innodb.h
ha_myisam.cc
ha_myisam.h
ha_myisammrg.cc
ha_myisammrg.h
ha_ndbcluster.cc
ha_ndbcluster.h
ha_ndbcluster_cond.cc
ha_ndbcluster_cond.h
handler.cc
handler.h
hash_filo.cc
hash_filo.h
hostname.cc
init.cc
item.cc Bug#38823: Invalid memory access when a SP statement does wildcard expansion 2008-10-14 11:04:36 -03:00
item.h Bug#37301 Length and Max_length differ with no obvious reason(2nd version) 2008-08-15 16:13:27 -04:00
item_buff.cc
item_cmpfunc.cc Fix for bug#37526: asymertic operator <=> in trigger 2008-09-09 20:05:27 +05:00
item_cmpfunc.h Fix for bug #39021: SELECT REGEXP BINARY NULL never returns 2008-09-05 13:30:01 +05:00
item_create.cc
item_create.h
item_func.cc Bug#37662 nested if() inside sum() is parsed in exponential time 2008-07-30 14:07:37 +03:00
item_func.h
item_geofunc.cc
item_geofunc.h
item_row.cc
item_row.h
item_strfunc.cc
item_strfunc.h
item_subselect.cc
item_subselect.h
item_sum.cc
item_sum.h
item_timefunc.cc
item_timefunc.h
item_uniq.cc
item_uniq.h
key.cc
lex.h
lex_symbol.h
lock.cc
log.cc
log_event.cc
log_event.h
Makefile.am
matherr.c
message.mc
mf_iocache.cc
my_decimal.cc
my_decimal.h
my_lock.c
mysql_priv.h Bug#35924 DEFINER should be stored 'quoted' in I_S 2008-10-02 16:57:52 +05:00
mysqld.cc merging fix 2008-08-26 13:32:43 +05:00
mysqld_suffix.h
net_serv.cc
nt_servc.cc
nt_servc.h
opt_range.cc Bug #37894: Assertion in init_read_record_seq in handler.h line 1444 2008-10-10 15:27:58 +05:00
opt_range.h BUG#36639: subselect.test crashes on 64 bit pentium4 when compiled for valgrind, commit into 5.0 2008-08-25 21:02:54 +04:00
opt_sum.cc
parse_file.cc Fixed bug #17823: 'arc' directories inside database directories. 2008-09-30 17:50:28 +05:00
parse_file.h Fixed bug #17823: 'arc' directories inside database directories. 2008-09-30 17:50:28 +05:00
password.c
procedure.cc
procedure.h
protocol.cc
protocol.h
records.cc
repl_failsafe.cc
repl_failsafe.h
set_var.cc Bug#37428 Potential security issue with UDFs - linux shellcode execution. 2008-08-25 17:11:59 +05:00
set_var.h
slave.cc
slave.h
sp.cc
sp.h
sp_cache.cc
sp_cache.h
sp_head.cc merge 2008-10-02 13:10:06 +05:00
sp_head.h
sp_pcontext.cc
sp_pcontext.h
sp_rcontext.cc
sp_rcontext.h
spatial.cc
spatial.h
sql_acl.cc
sql_acl.h
sql_analyse.cc
sql_analyse.h
sql_array.h
sql_base.cc Bug #38691: segfault/abort in ``UPDATE ...JOIN'' while 2008-10-08 02:34:00 +05:00
sql_bitmap.h
sql_cache.cc
sql_cache.h
sql_class.cc Bug#37114: sql_mode NO_BACKSLASH_ESCAPES does not work properly with LOAD DATA INFILE 2008-09-17 08:34:00 +02:00
sql_class.h Bug#37114: sql_mode NO_BACKSLASH_ESCAPES does not work properly with LOAD DATA INFILE 2008-09-17 08:34:00 +02:00
sql_client.cc
sql_crypt.cc
sql_crypt.h
sql_cursor.cc Bug#38486 Crash when using cursor protocol 2008-08-11 11:40:54 +02:00
sql_cursor.h
sql_db.cc Fixed bug #17823: 'arc' directories inside database directories. 2008-09-30 17:50:28 +05:00
sql_delete.cc
sql_derived.cc
sql_do.cc
sql_error.cc
sql_error.h
sql_handler.cc
sql_help.cc
sql_insert.cc Fix for bug#38821: Assert table->auto_increment_field_not_null failed 2008-09-03 15:17:19 +05:00
sql_lex.cc Bug #38691: segfault/abort in ``UPDATE ...JOIN'' while 2008-10-08 02:34:00 +05:00
sql_lex.h Bug #38691: segfault/abort in ``UPDATE ...JOIN'' while 2008-10-08 02:34:00 +05:00
sql_list.cc
sql_list.h Bug#38296 (low memory crash with many conditions in a query) 2008-08-11 10:10:00 -06:00
sql_load.cc Bug#37114: sql_mode NO_BACKSLASH_ESCAPES does not work properly with LOAD DATA INFILE 2008-09-17 08:34:00 +02:00
sql_locale.cc
sql_manager.cc
sql_manager.h
sql_map.cc
sql_map.h
sql_olap.cc
sql_parse.cc Bug#35924 DEFINER should be stored 'quoted' in I_S 2008-10-02 16:57:52 +05:00
sql_prepare.cc
sql_rename.cc
sql_repl.cc
sql_repl.h
sql_select.cc Bug #39283: Date returned as VARBINARY to client for queries 2008-10-10 15:13:12 +05:00
sql_select.h
sql_show.cc Bug#22763 Disrepancy between SHOW CREATE VIEW and I_S.VIEWS 2008-10-02 14:37:07 +05:00
sql_sort.h
sql_state.c
sql_string.cc
sql_string.h Bug#38296 (low memory crash with many conditions in a query) 2008-08-11 10:10:00 -06:00
sql_table.cc
sql_test.cc
sql_trigger.cc
sql_trigger.h
sql_udf.cc Bug#37428 Potential security issue with UDFs - linux shellcode execution. 2008-08-25 17:11:59 +05:00
sql_udf.h
sql_union.cc Bug#38499: flush tables and multitable table update with 2008-10-09 20:24:31 +05:00
sql_update.cc Bug#38499: flush tables and multitable table update with 2008-10-09 20:24:31 +05:00
sql_view.cc Fixed bug #17823: 'arc' directories inside database directories. 2008-09-30 17:50:28 +05:00
sql_view.h
sql_yacc.yy Bug#35924 DEFINER should be stored 'quoted' in I_S 2008-10-02 16:57:52 +05:00
stacktrace.c Bug#35987 - post-review fix 2008-09-16 13:16:41 +02:00
stacktrace.h
strfunc.cc
structs.h
table.cc Bug #38691: segfault/abort in ``UPDATE ...JOIN'' while 2008-10-08 02:34:00 +05:00
table.h Bug #38691: segfault/abort in ``UPDATE ...JOIN'' while 2008-10-08 02:34:00 +05:00
thr_malloc.cc Bug#38296 (low memory crash with many conditions in a query) 2008-08-11 10:10:00 -06:00
time.cc
tzfile.h
tztime.cc
tztime.h
udf_example.c
udf_example.def
uniques.cc
unireg.cc
unireg.h Bug#37428 Potential security issue with UDFs - linux shellcode execution. 2008-08-25 17:11:59 +05:00
watchdog_mysqld