    BUG#14629727: USER_VAR_EVENT IS MISSING RANGE CHECKS · f1d3b0f1
    Nuno Carvalho authored
    This bug had two problems:
     P1) Reads out of bounds;
     P2) Writes out of bounds.
    
    PROBLEM P1
    ----------
    User_var_log_event unmarshalling from binlog was not performing range
    checks when using name_len and val_len variables to walk on event
    buffer.
    
    Added range checks to User_var_log_event unmarshalling to prevent
    unmarshalling errors.
    
    PROBLEM P2
    ----------
    User_var_log_event value was allocated on thread stack, which caused
    stack frame errors when User_var_log_event value was bigger than thread
    stack size.
    
    Currently value is allocated on heap memory.
mysql_priv.h 99.5 KB
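The two fixes the commit message describes, shown as an added example that is not code from this commit: every length field is checked against the remaining buffer before it is used to walk the event, and the value is copied to the heap rather than the stack. The simplified record layout, the names `parse_user_var` and `take`, and the sample events are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Assumed, simplified layout (not MySQL's exact binlog format):
   [name_len: u32 LE][name][val_len: u32 LE][val] */
struct user_var {
    const uint8_t *name; uint32_t name_len;  /* points into the event buffer */
    uint8_t *val;        uint32_t val_len;   /* heap-owned copy, caller frees */
};

/* Constructed samples: a well-formed event, and one whose val_len overruns it. */
static const uint8_t EV_OK[]  = {1,0,0,0,'a', 2,0,0,0,'h','i'};
static const uint8_t EV_BAD[] = {1,0,0,0,'a', 0xff,0xff,0xff,0x7f,'h','i'};

static uint32_t rd_u32le(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Take n bytes at *off only if they lie inside buf[0..len). Compared against
   the remaining space so that off + n can never wrap around. */
static const uint8_t *take(const uint8_t *buf, size_t len, size_t *off, size_t n) {
    if (*off > len || n > len - *off) return NULL;
    const uint8_t *p = buf + *off;
    *off += n;
    return p;
}

/* Returns 0 on success, -1 on a truncated/corrupt event or failed allocation. */
int parse_user_var(const uint8_t *buf, size_t len, struct user_var *out) {
    size_t off = 0;
    const uint8_t *p;
    memset(out, 0, sizeof *out);

    if (!(p = take(buf, len, &off, 4))) return -1;          /* P1: header in range */
    out->name_len = rd_u32le(p);
    if (!(out->name = take(buf, len, &off, out->name_len))) return -1;

    if (!(p = take(buf, len, &off, 4))) return -1;
    out->val_len = rd_u32le(p);
    if (!(p = take(buf, len, &off, out->val_len))) return -1;

    /* P2: the value goes on the heap, never in a stack buffer sized by the event. */
    out->val = malloc(out->val_len ? out->val_len : 1);
    if (!out->val) return -1;
    memcpy(out->val, p, out->val_len);
    return 0;
}
```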