Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.1:Test
mysql
mysql-5.0.67-CVE-2010-1850.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File mysql-5.0.67-CVE-2010-1850.patch of Package mysql
Index: sql/sql_parse.cc =================================================================== --- sql/sql_parse.cc.orig +++ sql/sql_parse.cc @@ -1961,8 +1961,16 @@ bool dispatch_command(enum enum_server_c if (thd->copy_db_to(&table_list.db, &table_list.db_length)) break; pend= strend(packet); + uint arg_length= pend - packet; + + /* Check given table name length. */ + if (arg_length >= packet_length || arg_length > NAME_LEN) + { + my_message(ER_UNKNOWN_COM_ERROR, ER(ER_UNKNOWN_COM_ERROR), MYF(0)); + break; + } thd->convert_string(&conv_name, system_charset_info, - packet, (uint) (pend-packet), thd->charset()); + packet, arg_length, thd->charset()); if (check_table_name (conv_name.str, conv_name.length)) { /* this is OK due to convert_string() null-terminating the string */
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor