Skip to content

M
mariadb
Commit 863b86db authored by unknown's avatar unknown
Browse files
Options

Fix for bug #33758: Got query result when using ORDER BY ASC, but 

empty result when using DESC

Problem: fetching MyISAM keys we copy a key block pointer to the end of the key buffer.
However, we don't take into account the pointer length calculatig the buffer size,
that may leads to memory overwriting and in turn to unpredictable results.

Fix: increase key buffer size by length of the key block pointer.

Note: no simple test case.


myisam/mi_open.c:
  Fix for bug #33758: Got query result when using ORDER BY ASC, but 
  empty result when using DESC
    - increase possible maximum key length by size of the key block pointer,
      as it's copied into the key buffer in the get_key() MyISAM functions.
parent 5177c97e
Hide whitespace changes
Inline Side-by-side
Showing with 3 additions and 0 deletions
myisam/mi_open.c
View file @ 863b86db
...@@ -270,6 +270,9 @@ MI_INFO *mi_open(const char *name, int mode, uint open_flags) ...@@ -270,6 +270,9 @@ MI_INFO *mi_open(const char *name, int mode, uint open_flags)
if (share->options & HA_OPTION_COMPRESS_RECORD) if (share->options & HA_OPTION_COMPRESS_RECORD)
share->base.max_key_length+=2; /* For safety */ share->base.max_key_length+=2; /* For safety */
/* Add space for node pointer */
share->base.max_key_length+= share->base.key_reflength;
if (!my_multi_malloc(MY_WME, if (!my_multi_malloc(MY_WME,
&share,sizeof(*share), &share,sizeof(*share),
&share->state.rec_per_key_part,sizeof(long)*key_parts, &share->state.rec_per_key_part,sizeof(long)*key_parts,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7