Commit f8e27655 authored by Venkata Sidagam's avatar Venkata Sidagam

Bug#16900358 FIX FOR CVE-2012-5611 IS INCOMPLETE

Merging from mysql-5.1 to mysql-5.5
parents bdb62daa 9fc51224
......@@ -1588,7 +1588,8 @@ ulong acl_get(const char *host, const char *ip,
copy_length= (size_t) (strlen(ip ? ip : "") +
strlen(user ? user : "") +
strlen(db ? db : ""));
strlen(db ? db : "")) + 2; /* Added 2 at the end to avoid
buffer overflow at strmov()*/
/*
Make sure that strmov() operations do not result in buffer overflow.
*/
......@@ -4957,7 +4958,8 @@ bool check_grant_db(THD *thd,const char *db)
size_t copy_length;
copy_length= (size_t) (strlen(sctx->priv_user ? sctx->priv_user : "") +
strlen(db ? db : ""));
strlen(db ? db : "")) + 1; /* Added 1 at the end to avoid
buffer overflow at strmov()*/
/*
Make sure that strmov() operations do not result in buffer overflow.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment