• Georgi Kodinov's avatar
    Bug #13889741: HANDLE_FATAL_SIGNAL IN _DB_ENTER_ | · 04857742
    Georgi Kodinov authored
    HANDLE_FATAL_SIGNAL IN STRNLEN
    
    Fixed the following bounds checking problems :
    1. in check_if_legal_filename() make sure the null terminated
    string is long enough before accessing the bytes in it.
    Prevents pottential read-past-buffer-end
    2. in my_wc_mb_filename() of the filename charset check
    for the end of the destination buffer before sending single
    byte characters into it.
    Prevents write-past-end-of-buffer (and garbaling stack in
    the cases reported here) errors.
    
    Added test cases.
    04857742
my_access.c 5.41 KB