MySQL Bugs: #27715: mysqld --character-sets-dir buffer overflow

Bug #27715	mysqld --character-sets-dir buffer overflow
Submitted:	9 Apr 2007 14:31	Modified:	8 May 2007 3:11
Reporter:	Ramil Kalimullin
Status:	Closed
Category:	Server: Charsets	Severity:	S1 (Critical)
Version:		OS:	Any
Assigned to:	Ramil Kalimullin	Target Version:

View
Add Comment
Files
Developer
Edit Submission
View Progress Log

Description:
mysqld doesn't check the length of the composed character set file name (somewhere) that
leads to SIGSEGV.

How to repeat:
just launch 
./mysqld --character-sets-dir=`perl -e 'print "A"x2800';`

Pushed into 5.0.42

Pushed into 5.1.18-beta

Noted in 5.0.42, 5.1.18 changelogs.

mysqld did not check the length of option values and could crash with
a buffer overflow for long values.