Bug #26346 | stack + buffer overrun in mysqldump | | |
---|---|---|---|
Submitted: | 13 Feb 2007 22:08 | Modified: | 12 Apr 2007 16:01 |
Reporter: | Shane Bester (Platinum Quality Contributor) | Status: | Closed |
Category: | MySQL Server: mysqldump Command-line Client | Severity: | S3 (Non-critical) |
Version: | 5.0.36BK, 5.1.16BK | OS: | Any (*) |
Assigned to: | Damien Katz | CPU Architecture: | Any |
Tags: | crash, mysqldump, stack overrun | | |
[13 Feb 2007 22:08]
Shane Bester
[9 Mar 2007 18:49]
Damien Katz
I've tried fixing the original code with as little changing as possible, but it just makes everything really ugly and inconsistent. Instead we are going to take an approach to precompute out the necessary buffer size for the queries.
[9 Mar 2007 22:43]
Damien Katz
Latest patch proposal here: http://lists.mysql.com/commits/21659
I'm using a dyn string. It generally simplifies the code and puts no hard limit on the query length.
[16 Mar 2007 1:38]
Damien Katz
Here is the latest patch proposal: http://lists.mysql.com/commits/22077
[6 Apr 2007 17:22]
Bugs System
Pushed into 5.0.40
[6 Apr 2007 17:25]
Bugs System
Pushed into 5.1.18-beta
[11 Apr 2007 21:38]
Timothy Smith
For docs team: mysqldump could crash or exhibit incorrect behavior when some options were given very long values. For example, --fields-terminated-by=<some very long string>. The code has been cleaned up to remove a number of fixed-sized buffers and to be more careful about error conditions in memory allocation.
[12 Apr 2007 16:01]
Paul DuBois
Noted in 5.0.40, 5.1.18 changelogs.
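The approach described in the 9 Mar and 11 Apr comments (a growable string instead of a fixed-size buffer, with allocation failures checked) can be sketched as follows. This is an added example, not code from the MySQL patch: `dynbuf`, `dynbuf_append` and `build_clause` are hypothetical names, and backslash escaping of the option value is an assumption.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable string for this example; not MySQL's own API. */
typedef struct { char *s; size_t len, cap; } dynbuf;

/* Append n bytes, growing as needed. Returns -1 on size overflow or
   failed allocation, leaving the existing contents valid. */
static int dynbuf_append(dynbuf *b, const char *src, size_t n) {
    if (n >= SIZE_MAX - b->len) return -1;   /* len + n + 1 would wrap */
    size_t need = b->len + n + 1;
    if (need > b->cap) {
        size_t cap = b->cap ? b->cap : 64;
        while (cap < need)
            cap = (cap > SIZE_MAX / 2) ? need : cap * 2;
        char *p = realloc(b->s, cap);
        if (!p) return -1;                   /* old buffer still owned by b */
        b->s = p;
        b->cap = cap;
    }
    memcpy(b->s + b->len, src, n);
    b->len += n;
    b->s[b->len] = '\0';
    return 0;
}

/* Build "<keyword> '<value>'" for an option value of any length, escaping
   quote and backslash (assumed escaping rule). Returns a malloc'd string
   that the caller frees, or NULL on failure. */
char *build_clause(const char *keyword, const char *value) {
    dynbuf b = { NULL, 0, 0 };
    int err = dynbuf_append(&b, keyword, strlen(keyword)) ||
              dynbuf_append(&b, " '", 2);
    for (const char *p = value; !err && *p; p++) {
        if (*p == '\'' || *p == '\\')
            err = dynbuf_append(&b, "\\", 1);
        if (!err)
            err = dynbuf_append(&b, p, 1);
    }
    if (err || dynbuf_append(&b, "'", 1)) {
        free(b.s);
        return NULL;
    }
    return b.s;
}
```

The output length depends only on the input, so a very long option value grows the allocation rather than running past a stack array, and every failure path returns NULL instead of a partially built string.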