Bug #89486 using MYSQL_SERVER_SUFFIX longer than 55 bytes causes mysqld crash at start
Submitted: 31 Jan 2018 15:00
Modified: 31 Jan 2018 15:50
Reporter: Przemysław Skibiński (OCA)
Status: Verified
Category: MySQL Server: Compiling
Severity: S3 (Non-critical)
Version: 5.6, 5.7, 5.6.39
OS: Any
Assigned to:
CPU Architecture: Any

[31 Jan 2018 15:00] Przemysław Skibiński
Description:
Setting MYSQL_SERVER_SUFFIX to about 55 bytes or more causes overflow in set_server_version() through the "server_version" array declared as:

#define SERVER_VERSION_LENGTH 60
char server_version[SERVER_VERSION_LENGTH];

How to repeat:
cmake ... -DMYSQL_SERVER_SUFFIX=123456789012345678901234567890123456789012345678901234567890

Suggested fix:
Add overflow checking in set_server_version().
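
One way the suggested overflow check could look, as an added example that is not part of the original report and not MySQL's own code. build_server_version() and append_checked() are hypothetical names, and the "-debug" and "-log" tags are assumed; only SERVER_VERSION_LENGTH, the version 5.6.39 and the 60-character suffix come from the report.

```c
#include <stdio.h>
#include <string.h>

#define SERVER_VERSION_LENGTH 60 /* buffer size quoted in the report */

/* Append src to the NUL-terminated string in dst (capacity cap, NUL
   included). Returns 0 on success; returns -1 and leaves dst unchanged
   if src plus its terminator does not fit. */
static int append_checked(char *dst, size_t cap, const char *src)
{
    size_t used = strlen(dst);
    size_t need = strlen(src);
    if (used >= cap || need >= cap - used)
        return -1;
    memcpy(dst + used, src, need + 1);
    return 0;
}

/* Hypothetical stand-in for set_server_version(): base version, then the
   build-time suffix, then optional tags (assumed here: "-debug", "-log").
   Returns -1 as soon as one piece would overflow out. */
int build_server_version(char *out, size_t cap, const char *base,
                         const char *suffix, int debug, int logging)
{
    if (cap == 0)
        return -1;
    out[0] = '\0';
    if (append_checked(out, cap, base) != 0) return -1;
    if (append_checked(out, cap, suffix) != 0) return -1;
    if (debug && append_checked(out, cap, "-debug") != 0) return -1;
    if (logging && append_checked(out, cap, "-log") != 0) return -1;
    return 0;
}

int main(void)
{
    char server_version[SERVER_VERSION_LENGTH];
    /* The 60-character suffix from "How to repeat". */
    const char *long_suffix =
        "123456789012345678901234567890123456789012345678901234567890";

    if (build_server_version(server_version, sizeof server_version,
                             "5.6.39", long_suffix, 1, 0) != 0) {
        fprintf(stderr, "MYSQL_SERVER_SUFFIX too long for server_version\n");
        return 1;
    }
    puts(server_version);
    return 0;
}
```

On failure the buffer still holds a valid, NUL-terminated prefix, so the caller can refuse to start with a clear message instead of writing past the array.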
[31 Jan 2018 15:50] MySQL Verification Team
Hello Przemysław,

Thank you for the report and feedback.
Observed that debug build is affected.

Thanks,
Umesh
[31 Jan 2018 16:03] MySQL Verification Team
test results

Attachment: 89486_5.6.39.results (application/octet-stream, text), 5.91 KiB.