Commit 3b5c7a03 authored by unknown's avatar unknown

ndb - bug#34107 patch 1, kernel


ndb/src/kernel/blocks/dbtup/Dbtup.hpp:
  bug#34107 check stored proc overflow
ndb/src/kernel/blocks/dbtup/DbtupExecQuery.cpp:
  bug#34107 check stored proc overflow
ndb/src/kernel/blocks/dbtup/DbtupStoredProcDef.cpp:
  bug#34107 check stored proc overflow
ndb/src/ndbapi/ndberror.c:
  bug#34107 check stored proc overflow
parent 507c8a13
...@@ -198,6 +198,7 @@ ...@@ -198,6 +198,7 @@
#define ZUNSUPPORTED_BRANCH 892 #define ZUNSUPPORTED_BRANCH 892
#define ZSTORED_SEIZE_ATTRINBUFREC_ERROR 873 // Part of Scan #define ZSTORED_SEIZE_ATTRINBUFREC_ERROR 873 // Part of Scan
#define ZSTORED_TOO_MUCH_ATTRINFO_ERROR 874
#define ZREAD_ONLY_CONSTRAINT_VIOLATION 893 #define ZREAD_ONLY_CONSTRAINT_VIOLATION 893
#define ZVAR_SIZED_NOT_SUPPORTED 894 #define ZVAR_SIZED_NOT_SUPPORTED 894
...@@ -2173,7 +2174,8 @@ private: ...@@ -2173,7 +2174,8 @@ private:
Operationrec* regOperPtr, Operationrec* regOperPtr,
Uint32 lenAttrInfo); Uint32 lenAttrInfo);
void storedSeizeAttrinbufrecErrorLab(Signal* signal, void storedSeizeAttrinbufrecErrorLab(Signal* signal,
Operationrec* regOperPtr); Operationrec* regOperPtr,
Uint32 errorCode);
bool storedProcedureAttrInfo(Signal* signal, bool storedProcedureAttrInfo(Signal* signal,
Operationrec* regOperPtr, Operationrec* regOperPtr,
Uint32 length, Uint32 length,
......
...@@ -77,6 +77,14 @@ void Dbtup::copyAttrinfo(Signal* signal, ...@@ -77,6 +77,14 @@ void Dbtup::copyAttrinfo(Signal* signal,
RbufLen = copyAttrBufPtr.p->attrbuf[ZBUF_DATA_LEN]; RbufLen = copyAttrBufPtr.p->attrbuf[ZBUF_DATA_LEN];
Rnext = copyAttrBufPtr.p->attrbuf[ZBUF_NEXT]; Rnext = copyAttrBufPtr.p->attrbuf[ZBUF_NEXT];
Rfirst = cfirstfreeAttrbufrec; Rfirst = cfirstfreeAttrbufrec;
/*
* ATTRINFO comes from 2 mutually exclusive places:
* 1) TUPKEYREQ (also interpreted part)
* 2) STORED_PROCREQ before scan start
* Assert here that both have a check for overflow.
* The "<" instead of "<=" is intentional.
*/
ndbrequire(RinBufIndex + RbufLen < ZATTR_BUFFER_SIZE);
MEMCOPY_NO_WORDS(&inBuffer[RinBufIndex], MEMCOPY_NO_WORDS(&inBuffer[RinBufIndex],
&copyAttrBufPtr.p->attrbuf[0], &copyAttrBufPtr.p->attrbuf[0],
RbufLen); RbufLen);
......
...@@ -108,6 +108,11 @@ void Dbtup::scanProcedure(Signal* signal, ...@@ -108,6 +108,11 @@ void Dbtup::scanProcedure(Signal* signal,
regOperPtr->attrinbufLen = lenAttrInfo; regOperPtr->attrinbufLen = lenAttrInfo;
regOperPtr->currentAttrinbufLen = 0; regOperPtr->currentAttrinbufLen = 0;
regOperPtr->pageOffset = storedPtr.i; regOperPtr->pageOffset = storedPtr.i;
if (lenAttrInfo >= ZATTR_BUFFER_SIZE) { // yes ">="
jam();
// send REF and change state to ignore the ATTRINFO to come
storedSeizeAttrinbufrecErrorLab(signal, regOperPtr, ZSTORED_TOO_MUCH_ATTRINFO_ERROR);
}
}//Dbtup::scanProcedure() }//Dbtup::scanProcedure()
void Dbtup::copyProcedure(Signal* signal, void Dbtup::copyProcedure(Signal* signal,
...@@ -146,7 +151,7 @@ bool Dbtup::storedProcedureAttrInfo(Signal* signal, ...@@ -146,7 +151,7 @@ bool Dbtup::storedProcedureAttrInfo(Signal* signal,
Uint32 RnoFree = cnoFreeAttrbufrec; Uint32 RnoFree = cnoFreeAttrbufrec;
if (ERROR_INSERTED(4004) && !copyProcedure) { if (ERROR_INSERTED(4004) && !copyProcedure) {
CLEAR_ERROR_INSERT_VALUE; CLEAR_ERROR_INSERT_VALUE;
storedSeizeAttrinbufrecErrorLab(signal, regOperPtr); storedSeizeAttrinbufrecErrorLab(signal, regOperPtr, ZSTORED_SEIZE_ATTRINBUFREC_ERROR);
return false; return false;
}//if }//if
regOperPtr->currentAttrinbufLen += length; regOperPtr->currentAttrinbufLen += length;
...@@ -162,7 +167,7 @@ bool Dbtup::storedProcedureAttrInfo(Signal* signal, ...@@ -162,7 +167,7 @@ bool Dbtup::storedProcedureAttrInfo(Signal* signal,
regAttrPtr.p->attrbuf[ZBUF_NEXT] = RNIL; regAttrPtr.p->attrbuf[ZBUF_NEXT] = RNIL;
} else { } else {
ljam(); ljam();
storedSeizeAttrinbufrecErrorLab(signal, regOperPtr); storedSeizeAttrinbufrecErrorLab(signal, regOperPtr, ZSTORED_SEIZE_ATTRINBUFREC_ERROR);
return false; return false;
}//if }//if
if (regOperPtr->firstAttrinbufrec == RNIL) { if (regOperPtr->firstAttrinbufrec == RNIL) {
...@@ -190,7 +195,7 @@ bool Dbtup::storedProcedureAttrInfo(Signal* signal, ...@@ -190,7 +195,7 @@ bool Dbtup::storedProcedureAttrInfo(Signal* signal,
}//if }//if
if (ERROR_INSERTED(4005) && !copyProcedure) { if (ERROR_INSERTED(4005) && !copyProcedure) {
CLEAR_ERROR_INSERT_VALUE; CLEAR_ERROR_INSERT_VALUE;
storedSeizeAttrinbufrecErrorLab(signal, regOperPtr); storedSeizeAttrinbufrecErrorLab(signal, regOperPtr, ZSTORED_SEIZE_ATTRINBUFREC_ERROR);
return false; return false;
}//if }//if
...@@ -211,7 +216,8 @@ bool Dbtup::storedProcedureAttrInfo(Signal* signal, ...@@ -211,7 +216,8 @@ bool Dbtup::storedProcedureAttrInfo(Signal* signal,
}//Dbtup::storedProcedureAttrInfo() }//Dbtup::storedProcedureAttrInfo()
void Dbtup::storedSeizeAttrinbufrecErrorLab(Signal* signal, void Dbtup::storedSeizeAttrinbufrecErrorLab(Signal* signal,
Operationrec* regOperPtr) Operationrec* regOperPtr,
Uint32 errorCode)
{ {
StoredProcPtr storedPtr; StoredProcPtr storedPtr;
c_storedProcPool.getPtr(storedPtr, (Uint32)regOperPtr->pageOffset); c_storedProcPool.getPtr(storedPtr, (Uint32)regOperPtr->pageOffset);
...@@ -222,7 +228,7 @@ void Dbtup::storedSeizeAttrinbufrecErrorLab(Signal* signal, ...@@ -222,7 +228,7 @@ void Dbtup::storedSeizeAttrinbufrecErrorLab(Signal* signal,
regOperPtr->lastAttrinbufrec = RNIL; regOperPtr->lastAttrinbufrec = RNIL;
regOperPtr->transstate = ERROR_WAIT_STORED_PROCREQ; regOperPtr->transstate = ERROR_WAIT_STORED_PROCREQ;
signal->theData[0] = regOperPtr->userpointer; signal->theData[0] = regOperPtr->userpointer;
signal->theData[1] = ZSTORED_SEIZE_ATTRINBUFREC_ERROR; signal->theData[1] = errorCode;
signal->theData[2] = regOperPtr->pageOffset; signal->theData[2] = regOperPtr->pageOffset;
sendSignal(regOperPtr->userblockref, GSN_STORED_PROCREF, signal, 3, JBB); sendSignal(regOperPtr->userblockref, GSN_STORED_PROCREF, signal, 3, JBB);
}//Dbtup::storedSeizeAttrinbufrecErrorLab() }//Dbtup::storedSeizeAttrinbufrecErrorLab()
......
...@@ -291,6 +291,7 @@ ErrorBundle ErrorCodes[] = { ...@@ -291,6 +291,7 @@ ErrorBundle ErrorCodes[] = {
{ 242, AE, "Zero concurrency in scan"}, { 242, AE, "Zero concurrency in scan"},
{ 244, AE, "Too high concurrency in scan"}, { 244, AE, "Too high concurrency in scan"},
{ 269, AE, "No condition and attributes to read in scan"}, { 269, AE, "No condition and attributes to read in scan"},
{ 874, AE, "Too much attrinfo (e.g. scan filter) for scan in tuple manager" },
{ 4600, AE, "Transaction is already started"}, { 4600, AE, "Transaction is already started"},
{ 4601, AE, "Transaction is not started"}, { 4601, AE, "Transaction is not started"},
{ 4602, AE, "You must call getNdbOperation before executeScan" }, { 4602, AE, "You must call getNdbOperation before executeScan" },
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment