commit 43bb2e8768bd1e417677b403de8e022ab00ed26a Author: Laurynas Biveinis Date: Wed Sep 21 12:33:12 2016 +0300 Merge branch 'bug1626002-5.6' into bug1626002-5.7 diff --git a/storage/innobase/mach/mach0data.cc b/storage/innobase/mach/mach0data.cc index 1d7008c..9a905e7 100644 --- a/storage/innobase/mach/mach0data.cc +++ b/storage/innobase/mach/mach0data.cc @@ -90,7 +90,18 @@ mach_parse_compressed( /* 0nnnnnnn (7 bits) */ ++*ptr; return(static_cast(val)); - } else if (val < 0xC0) { + } + + /* Workaround GCC bug + https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77673: + the compiler moves mach_read_from_4 right to the beginning of the + function, causing and out-of-bounds read if we are reading a short + integer close to the end of buffer. */ +#if defined(__GNUC__) && (__GNUC__ >= 5) && !defined(__clang__) + asm volatile("": : :"memory"); +#endif + + if (val < 0xC0) { /* 10nnnnnn nnnnnnnn (14 bits) */ if (end_ptr >= *ptr + 2) { val = mach_read_from_2(*ptr) & 0x3FFF;