Bug #89415 Undersized buffers in regex/debug.c
Submitted: 25 Jan 2018 15:32
Modified: 8 Feb 2018 8:30
Reporter: Zsolt Parragi (OCA)
Status: Not a Bug
Category: MySQL Server: Compiling
Severity: S3 (Non-critical)
Version: 5.6, 5.7
OS: Any
Assigned to:
CPU Architecture: Any

[25 Jan 2018 15:32] Zsolt Parragi
Description:
There are two local variables named buf in that file: in the functions regprint and s_print.

Both are declared as 10 bytes in 5.6, but the first should be 11 bytes, and the second should be 13.

In 5.7, the second buffer was changed to be 20 bytes.

How to repeat:
Reported by gcc 7 as a warning
[7 Feb 2018 13:28] MySQL Verification Team
Hi!

In this particular case, I do not think it is a bug.

Since regular expression searches are used only for up to two-byte character sets, I do not see how nine bytes can be insufficient .....
[7 Feb 2018 13:42] MySQL Verification Team
Hi!

As I just found out, our regex library is working only on single-byte character sets. You cannot have a single byte represented in octal with nine bytes.

Hence, not a bug .....
[8 Feb 2018 8:30] Zsolt Parragi
Hello

The problem is that with -DMYSQL_MAINTAINER_MODE=ON, warnings are treated as errors.

As this results in warnings with gcc7, that means that it causes build errors in some build configurations.

Of course, it could be fixed in a different way - e.g. by using snprintf instead of sprintf, but as I mentioned in the description, in 5.7 one of the buffers was already increased to fix one of the issues.
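
The two positions in this thread (the values that actually occur versus what the compiler can prove from the argument type) can be shown side by side. The following is an added example, not code from regex/debug.c or from any participant; the `"\\%o"` format string and the function names are assumptions chosen for illustration, since the report does not quote the original `sprintf` calls.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Bytes (including the NUL) that the assumed format produces for a value.
 * snprintf(NULL, 0, ...) writes nothing and returns the length needed. */
static int octal_escape_size(unsigned int value)
{
    return snprintf(NULL, 0, "\\%o", value) + 1;
}

/* Bounded formatter: returns 0 on success, -1 if the output did not fit.
 * The destination is always NUL-terminated when dstlen > 0. */
static int format_octal_escape(char *dst, size_t dstlen, unsigned int value)
{
    int n = snprintf(dst, dstlen, "\\%o", value);
    if (n < 0 || (size_t)n >= dstlen)
        return -1;
    return 0;
}

int main(void)
{
    char buf[10]; /* same size as the 5.6 buffers described in the report */

    /* Value-range view: a single byte needs at most "\377" plus NUL. */
    printf("0xFF needs %d bytes\n", octal_escape_size(0xFFu));
    /* Type-range view: nothing in the call proves the argument is a
     * single byte, so the worst case is the full unsigned int range. */
    printf("UINT_MAX needs %d bytes\n", octal_escape_size(UINT_MAX));

    if (format_octal_escape(buf, sizeof buf, 0xFFu) == 0)
        printf("fits: %s\n", buf);
    if (format_octal_escape(buf, sizeof buf, UINT_MAX) != 0)
        printf("rejected, buffer holds truncated text: %s\n", buf);
    return 0;
}
```

Either sizing the buffer for the type's worst case or checking the `snprintf` return value keeps the write in bounds regardless of what the caller passes.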