Skip to content

M
mariadb
Commit c15c2704 authored by eric@mysql.com's avatar eric@mysql.com
Browse files
Options

fix potential security hole, pointed out by Sergei. Also simplify code per Sergei's suggestion.

parent a316a30d
Hide whitespace changes
Inline Side-by-side
Showing with 3 additions and 7 deletions
sql/ha_federated.cc
View file @ c15c2704
......@@ -2616,10 +2616,8 @@ int ha_federated::stash_remote_error()
DBUG_ENTER("ha_federated::stash_remote_error()");
remote_error_number= mysql_errno(mysql);
const char *remote_error= mysql_error(mysql);
remote_error_len= strlen(remote_error);
if(remote_error_len > (sizeof(remote_error_buf) - 1))
remote_error_len= (sizeof(remote_error_buf) - 1);
my_snprintf(remote_error_buf, remote_error_len + 1, remote_error);
my_snprintf(remote_error_buf, sizeof(remote_error_buf), "%s",
mysql_error(mysql));
DBUG_RETURN(HA_FEDERATED_ERROR_WITH_REMOTE_SYSTEM);
}
......@@ -2633,11 +2631,10 @@ bool ha_federated::get_error_message(int error, String* buf)
buf->append("Error on remote system: ");
buf->qs_append(remote_error_number);
buf->append(": ");
buf->append(remote_error_buf, remote_error_len);
buf->append(remote_error_buf);
remote_error_number= 0;
remote_error_buf[0]= '\0';
remote_error_len= 0;
}
DBUG_PRINT("exit", ("message: %s", buf->ptr()));
DBUG_RETURN(FALSE);
......
sql/ha_federated.h
View file @ c15c2704
......@@ -159,7 +159,6 @@ class ha_federated: public handler
MYSQL_ROW_OFFSET current_position; // Current position used by ::position()
int remote_error_number;
char remote_error_buf[FEDERATED_QUERY_BUFFER_SIZE];
uint remote_error_len;
private:
/*
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7