Bug #89414 Undersized buffer in myisamchk
Submitted: 25 Jan 2018 15:26 Modified: 25 Jan 2018 16:32
Reporter: Zsolt Parragi (OCA)
Status: Verified
Category: MySQL Server: MyISAM storage engine Severity: S3 (Non-critical)
Version: 5.5, 5.6 OS: Any
Assigned to: CPU Architecture: Any

[25 Jan 2018 15:26] Zsolt Parragi
Description:
The descript function in myisamchk contains the following two local variables:

char null_bit[8],null_pos[8];

These are later used as buffers for sprintf, and null_pos should be greater based on its usage - 11 bytes.

Only 5.5 and 5.6 are affected, as the buffer size was changed to 16 bytes in 5.7.

How to repeat:
Reported as a warning by gcc 7
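The following is an added illustration of the sizing problem the report describes; it is not code from the bug report or from the MySQL source tree. It assumes the value written into null_pos is formatted with "%d" and promotes to a full-width int (the report does not quote the format string), which is the case gcc's format-overflow warning reasons about. The worst-case rendering of an int is "-2147483648": 11 characters plus the terminating NUL, so an 8-byte buffer cannot hold it. fits_in_buffer computes the required length with snprintf(NULL, 0, ...) instead of actually overflowing anything, and format_null_pos is the hardened form of the pattern: a buffer sized from the worst case, snprintf bounded by sizeof, and truncation reported rather than silently accepted.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Bytes needed to hold any int rendered with "%d", NUL included.
 * Computed at run time rather than hard-coded so it tracks sizeof(int). */
size_t worst_case_int_len(void)
{
    return (size_t)snprintf(NULL, 0, "%d", INT_MIN) + 1;
}

/* Would sprintf(buf, "%d", value) stay inside a buffer of buflen bytes?
 * Uses the measuring form of snprintf, so nothing is written anywhere. */
int fits_in_buffer(int value, size_t buflen)
{
    int needed = snprintf(NULL, 0, "%d", value);
    return needed >= 0 && (size_t)needed + 1 <= buflen;
}

/* Hardened variant of the descript() pattern (hypothetical helper, not the
 * MySQL function): bounded write, explicit failure on truncation.
 * Returns 0 on success, -1 if the value did not fit. */
int format_null_pos(char *out, size_t outlen, int null_pos)
{
    int n = snprintf(out, outlen, "%d", null_pos + 1);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed sample values: small positions fit an 8-byte buffer,
     * eight-digit ones do not, and the worst case needs 12 bytes. */
    char undersized[8];
    char sized[12];

    printf("worst case for %%d: %zu bytes\n", worst_case_int_len());
    printf("1234567 fits in 8 bytes: %d\n", fits_in_buffer(1234567, 8));
    printf("12345678 fits in 8 bytes: %d\n", fits_in_buffer(12345678, 8));

    if (format_null_pos(undersized, sizeof undersized, 12345678) < 0)
        printf("8-byte buffer: truncation detected, nothing overflowed\n");
    if (format_null_pos(sized, sizeof sized, 12345678) == 0)
        printf("12-byte buffer: %s\n", sized);
    return 0;
}
```

The practical check a reviewer would apply to the original code is the one worst_case_int_len encodes: size every fixed buffer from the widest value the format can produce, and replace sprintf with snprintf(buf, sizeof buf, ...) so a miscalculation becomes a truncated string rather than a stack write past the end.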
[25 Jan 2018 16:32] MySQL Verification Team
Hi!

Your observation is fully valid.

However, it is possible that this potential bug will not be fixed due to the changes required in the code. Definitely, when 8.0 becomes GA, 5.5 will be out of maintenance.

Verified, but without high priority.