Commit 91e1b1b1 authored by unknown's avatar unknown

Merge sinisa@work.mysql.com:/home/bk/mysql

into sinisa.nasamreza.org:/mnt/work/mysql

parents a0efe927 faefac30
......@@ -891,7 +891,7 @@ static MYSQL_DATA *read_rows(MYSQL *mysql,MYSQL_FIELD *mysql_fields,
uint field,pkt_len;
ulong len;
uchar *cp;
char *to;
char *to, *end_to;
MYSQL_DATA *result;
MYSQL_ROWS **prev_ptr,*cur;
NET *net = &mysql->net;
......@@ -929,6 +929,7 @@ static MYSQL_DATA *read_rows(MYSQL *mysql,MYSQL_FIELD *mysql_fields,
*prev_ptr=cur;
prev_ptr= &cur->next;
to= (char*) (cur->data+fields+1);
end_to=to+pkt_len-1;
for (field=0 ; field < fields ; field++)
{
if ((len=(ulong) net_field_length(&cp)) == NULL_LENGTH)
......@@ -938,6 +939,13 @@ static MYSQL_DATA *read_rows(MYSQL *mysql,MYSQL_FIELD *mysql_fields,
else
{
cur->data[field] = to;
if (to+len > end_to)
{
free_rows(result);
net->last_errno=CR_UNKNOWN_ERROR;
strmov(net->last_error,ER(net->last_errno));
DBUG_RETURN(0);
}
memcpy(to,(char*) cp,len); to[len]=0;
to+=len+1;
cp+=len;
......
......@@ -109,6 +109,8 @@ static bool check_user(THD *thd,enum_server_command command, const char *user,
NET *net= &thd->net;
thd->db=0;
if (passwd[0] && strlen(passwd) != SCRAMBLE_LENGTH)
return 1;
if (!(thd->user = my_strdup(user, MYF(0))))
{
send_error(net,ER_OUT_OF_RESOURCES);
......@@ -458,8 +460,6 @@ check_connections(THD *thd)
char *user= (char*) net->read_pos+5;
char *passwd= strend(user)+1;
char *db=0;
if (passwd[0] && strlen(passwd) != SCRAMBLE_LENGTH)
return ER_HANDSHAKE_ERROR;
if (thd->client_capabilities & CLIENT_CONNECT_WITH_DB)
db=strend(passwd)+1;
if (thd->client_capabilities & CLIENT_INTERACTIVE)
......@@ -768,8 +768,8 @@ bool do_command(THD *thd)
thread_safe_increment(com_other,&LOCK_thread_count);
slow_command = TRUE;
char* data = packet + 1;
uint db_len = *data;
uint tbl_len = *(data + db_len + 1);
uint db_len = *(uchar *)data;
uint tbl_len = *(uchar *)(data + db_len + 1);
char* db = sql_alloc(db_len + tbl_len + 2);
memcpy(db, data + 1, db_len);
char* tbl_name = db + db_len;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment