From e4784703ee44d0a0a497a1a411dea20987d501ad Mon Sep 17 00:00:00 2001
From: Arun Kuruvila <arun.kuruvila@oracle.com>
Date: Mon, 12 Feb 2018 15:19:43 +0530
Subject: Bug#25471090: MYSQL USE AFTER FREE

Description:- Mysql client crashes when trying to connect
to a fake server which is sending incorrect packets.

Analysis:- Mysql client crashes when it tries to read
server version details.

Fix:- A check is added in "red_one_row()".
---
 include/mysql_com.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'include/mysql_com.h')

diff --git a/include/mysql_com.h b/include/mysql_com.h
index 5cd40915743..52e8a367e3d 100644
--- a/include/mysql_com.h
+++ b/include/mysql_com.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
+/* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -561,6 +561,7 @@ void my_thread_end(void);
 
 #ifdef _global_h
 ulong STDCALL net_field_length(uchar **packet);
+ulong STDCALL net_field_length_checked(uchar **packet, ulong max_length);
 my_ulonglong net_field_length_ll(uchar **packet);
 uchar *net_store_length(uchar *pkg, ulonglong length);
 #endif
-- 
cgit v1.2.1