Commit 6f572a8e authored by Tatiana A. Nurnberg's avatar Tatiana A. Nurnberg

Bug#43153: Version comment is too long

mysql-client used static buffer to concatenate server-
version and version_comment. Sufficiently long comments
could get cut off. This was harmless, but looked daft.

Now using a dynamic buffer instead.

client/mysql.cc:
  Use dynamic rather than static buffer for server
  information. If we can get both version and comment,
  concat them and use that. Otherwise, try to use just
  version. If that fails too, return empty string so
  overly trusting callers do not crash. Release memory
  as needed.
parent 868db2f2
...@@ -49,7 +49,7 @@ const char *VER= "14.14"; ...@@ -49,7 +49,7 @@ const char *VER= "14.14";
#define MAX_COLUMN_LENGTH 1024 #define MAX_COLUMN_LENGTH 1024
/* Buffer to hold 'version' and 'version_comment' */ /* Buffer to hold 'version' and 'version_comment' */
#define MAX_SERVER_VERSION_LENGTH 128 static char *server_version= NULL;
/* Array of options to pass to libemysqld */ /* Array of options to pass to libemysqld */
#define MAX_SERVER_ARGS 64 #define MAX_SERVER_ARGS 64
...@@ -1236,6 +1236,7 @@ sig_handler mysql_end(int sig) ...@@ -1236,6 +1236,7 @@ sig_handler mysql_end(int sig)
glob_buffer.free(); glob_buffer.free();
old_buffer.free(); old_buffer.free();
processed_prompt.free(); processed_prompt.free();
my_free(server_version,MYF(MY_ALLOW_ZERO_PTR));
my_free(opt_password,MYF(MY_ALLOW_ZERO_PTR)); my_free(opt_password,MYF(MY_ALLOW_ZERO_PTR));
my_free(opt_mysql_unix_port,MYF(MY_ALLOW_ZERO_PTR)); my_free(opt_mysql_unix_port,MYF(MY_ALLOW_ZERO_PTR));
my_free(histfile,MYF(MY_ALLOW_ZERO_PTR)); my_free(histfile,MYF(MY_ALLOW_ZERO_PTR));
...@@ -4365,16 +4366,11 @@ select_limit, max_join_size); ...@@ -4365,16 +4366,11 @@ select_limit, max_join_size);
static const char * static const char *
server_version_string(MYSQL *con) server_version_string(MYSQL *con)
{ {
static char buf[MAX_SERVER_VERSION_LENGTH] = "";
/* Only one thread calls this, so no synchronization is needed */ /* Only one thread calls this, so no synchronization is needed */
if (buf[0] == '\0') if (server_version == NULL)
{ {
char *bufp = buf;
MYSQL_RES *result; MYSQL_RES *result;
bufp= strnmov(buf, mysql_get_server_info(con), sizeof buf);
/* "limit 1" is protection against SQL_SELECT_LIMIT=0 */ /* "limit 1" is protection against SQL_SELECT_LIMIT=0 */
if (!mysql_query(con, "select @@version_comment limit 1") && if (!mysql_query(con, "select @@version_comment limit 1") &&
(result = mysql_use_result(con))) (result = mysql_use_result(con)))
...@@ -4382,17 +4378,32 @@ server_version_string(MYSQL *con) ...@@ -4382,17 +4378,32 @@ server_version_string(MYSQL *con)
MYSQL_ROW cur = mysql_fetch_row(result); MYSQL_ROW cur = mysql_fetch_row(result);
if (cur && cur[0]) if (cur && cur[0])
{ {
bufp = strxnmov(bufp, sizeof buf - (bufp - buf), " ", cur[0], NullS); /* version, space, comment, \0 */
size_t len= strlen(mysql_get_server_info(con)) + strlen(cur[0]) + 2;
if ((server_version= (char *) my_malloc(len, MYF(MY_WME))))
{
char *bufp;
bufp = strmov(server_version, mysql_get_server_info(con));
bufp = strmov(bufp, " ");
(void) strmov(bufp, cur[0]);
}
} }
mysql_free_result(result); mysql_free_result(result);
} }
/* str*nmov doesn't guarantee NUL-termination */ /*
if (bufp == buf + sizeof buf) If for some reason we didn't get a version_comment, we'll
buf[sizeof buf - 1] = '\0'; keep things simple.
*/
if (server_version == NULL)
{
server_version= strdup(mysql_get_server_info(con));
}
} }
return buf; return server_version ? server_version : "";
} }
static int static int
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment