Commit f3d17d12 authored by unknown's avatar unknown

protect against malicious server trying to crash command-line client :)

parent 559a74d2
......@@ -172,7 +172,7 @@ static char *shared_memory_base_name=0;
#endif
static uint opt_protocol=0;
static CHARSET_INFO *charset_info= &my_charset_latin1;
#include "sslopt-vars.h"
const char *default_dbug_option="d:t:o,/tmp/mysql.trace";
......@@ -1520,7 +1520,7 @@ You can turn off this feature to get a quicker startup with -A\n\n");
j=0;
while ((sql_field=mysql_fetch_field(fields)))
{
sprintf(buf,"%s.%s",table_row[0],sql_field->name);
sprintf(buf,"%.64s.%.64s",table_row[0],sql_field->name);
field_names[i][j] = strdup_root(&hash_mem_root,buf);
add_word(&ht,field_names[i][j]);
field_names[i][num_fields+j] = strdup_root(&hash_mem_root,
......@@ -1597,7 +1597,7 @@ int mysql_real_query_for_lazy(const char *buf, int length)
for (uint retry=0;; retry++)
{
if (!mysql_real_query(&mysql,buf,length))
return 0;
return 0;
int error= put_error(&mysql);
if (mysql_errno(&mysql) != CR_SERVER_GONE_ERROR || retry > 1 ||
!opt_reconnect)
......@@ -2526,7 +2526,7 @@ com_connect(String *buffer, char *line)
{
sprintf(buff,"Connection id: %lu",mysql_thread_id(&mysql));
put_info(buff,INFO_INFO);
sprintf(buff,"Current database: %s\n",
sprintf(buff,"Current database: %.128s\n",
current_db ? current_db : "*** NONE ***");
put_info(buff,INFO_INFO);
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment