Bug #62545 my_atof and getopt_double callers pass bogus end of string offsets
Submitted: 26 Sep 2011 22:44
Modified: 27 Sep 2011 11:49
Reporter: Mark Callaghan
Status: Verified
Category: MySQL Server: Options
Severity: S3 (Non-critical)
Version: 5.5
OS: Any
Assigned to:
CPU Architecture: Any

[26 Sep 2011 22:44] Mark Callaghan
Description:
From trunk:
my_strtod uses the second argument as a limit for when the search should be stopped. I don't think bogus "max" (1000 and 65535) values should be passed to it.

static double getopt_double(char *arg, const struct my_option *optp, int *err)
{
  double num;
  int error;
  char *end= arg + 1000;                     /* Big enough as *arg is \0 terminated */
  num= my_strtod(arg, &end, &error);

double my_atof(const char *nptr)
{
  int error;
  const char *end= nptr+65535;                  /* Should be enough */
  return (my_strtod(nptr, (char**) &end, &error));

How to repeat:
read the code

Suggested fix:
use a string length
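
Added example, not part of the original report and not MySQL code: a sketch of the suggested fix. bounded_strtod is a hypothetical stand-in for a parser with the in/out end-limit contract described above, getopt_double_fixed and parse_field are hypothetical callers, and the sample buffer is constructed. It goes slightly beyond the report by also parsing a counted field with no terminating NUL, where the limit is the only thing that bounds the read.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a my_strtod-style parser, not MySQL's code.
   In: *end is the limit, never read at or past it. Out: first unparsed byte. */
double bounded_strtod(const char *str, const char **end, int *error)
{
  const char *s= str, *limit= *end;
  double mant= 0.0, scale= 1.0;
  int neg= 0, digits= 0, frac= 0;
  if (s < limit && (*s == '-' || *s == '+'))
    neg= (*s++ == '-');
  for (; s < limit && ((*s >= '0' && *s <= '9') || (*s == '.' && !frac)); s++)
  {
    if (*s == '.') { frac= 1; continue; }   /* first decimal point only */
    mant= mant * 10.0 + (*s - '0');
    if (frac) scale*= 10.0;
    digits++;
  }
  *error= (digits == 0);                    /* nothing numeric was found */
  *end= digits ? s : str;
  return neg ? -(mant / scale) : mant / scale;
}

/* The suggested fix: the limit comes from the string length, not arg + 1000. */
double getopt_double_fixed(const char *arg, int *err)
{
  const char *end= arg + strlen(arg);
  double num= bounded_strtod(arg, &end, err);
  if (*end != '\0')
    *err= 1;                                /* trailing junk after the number */
  return num;
}

/* Counted field without a NUL: only the caller knows where it stops. */
double parse_field(const char *buf, size_t len, int *err)
{
  const char *end= buf + len;
  return bounded_strtod(buf, &end, err);
}

int main(void)
{
  static const char sample[]= "3.57";       /* constructed: the field is "3.5" */
  int err;
  double a= parse_field(sample, 3, &err), b= parse_field(sample, 4, &err);
  printf("len 3 -> %g, len 4 -> %g\n", a, b);
  return 0;
}
```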
[27 Sep 2011 11:49] Valeriy Kravchuk
Thank you for the problem report. Verified by code review of current mysql-5.5.