• unknown's avatar
    Bug#24924: shared-memory-base-name that is too long causes buffer overflow · 4d9cc3db
    unknown authored
    long shared-memory-base-names could overflow a static internal buffer
    and thus crash mysqld and various clients.  change both to dynamic
    buffers, show everything but overflowing those buffers still works.
    
    The test case for this would pretty much amount to
    mysqld --shared-memory-base-name=HeyMrBaseNameXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --shared-memory=1 &
    mysqladmin --no-defaults --shared-memory-base-name=HeyMrBaseNameXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX shutdown
    
    Unfortunately, we can't just use an .opt file for the
    server. The .opt file is used at start-up, before any
    include in the actual test can tell mysqltest to skip
    this one on non-Windows. As a result, such a test would
    break on unices.
    
    Fixing mysql-test-run.pl to export full path for master
    and slave would enable us to start a server from within
    the test which is ugly and, what's more, doesn't work as
    the server blocks (mysqltest offers no fire-and-forget
    fork-and-exec), and mysqladmin never gets run.
    
    Making the test rpl_windows_shm or some such so we can
    is beyond ugly. As is introducing another file-name based
    special case (run "win*.test" only when on Windows). As is
    (yuck) coding half the test into mtr (as in, having it
    hand out a customized environment conductive to the shm-
    thing on Win only).
    
    Situation is exacerbated by the fact that .sh is not
    necessary run as expected on Win.
    
    In short, it's just not worth it. No test-case until we
    have a new-and-improved test framework.
    
    
    sql-common/client.c:
      Bug#24924: shared-memory-base-name that is too long causes buffer overflow
      
      compose shared memory name in dynamic rather than static buffer to prevent
      overflows (clients)
    sql/mysqld.cc:
      Bug#24924: shared-memory-base-name that is too long causes buffer overflow
      
      compose shared memory name in dynamic rather than static buffer to prevent
      overflows (server)
    4d9cc3db
mysqld.cc 280 KB