From f20d15d07faa14a865148e6d965a908138e36bbf Mon Sep 17 00:00:00 2001 From: Jim Winstead Date: Mon, 23 Nov 2009 13:54:27 -0800 Subject: Fix C99 aliasing violation due to mismatched types that were papered over with a cast. (Bug #48284) --- libmysql/libmysql.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'libmysql/libmysql.c') diff --git a/libmysql/libmysql.c b/libmysql/libmysql.c index 77ff2a01d7c..98955c8fc89 100644 --- a/libmysql/libmysql.c +++ b/libmysql/libmysql.c @@ -2285,7 +2285,7 @@ mysql_stmt_param_metadata(MYSQL_STMT *stmt) /* Store type of parameter in network buffer. */ -static void store_param_type(char **pos, MYSQL_BIND *param) +static void store_param_type(unsigned char **pos, MYSQL_BIND *param) { uint typecode= param->buffer_type | (param->is_unsigned ? 32768 : 0); int2store(*pos, typecode); @@ -2565,7 +2565,7 @@ int cli_stmt_execute(MYSQL_STMT *stmt) that is sent to the server. */ for (param= stmt->params; param < param_end ; param++) - store_param_type((char**) &net->write_pos, param); + store_param_type(&net->write_pos, param); } for (param= stmt->params; param < param_end; param++) -- cgit v1.2.1 From 8969530cffde0c7a466cf3aa8c4b7462d0ace2d2 Mon Sep 17 00:00:00 2001 From: Staale Smedseng Date: Sat, 12 Dec 2009 19:11:25 +0100 Subject: Bug #45058 init_available_charsets uses double checked locking As documented in the bug report, the double checked locking pattern has inherent issues, and cannot guarantee correct initialization. This patch replaces the logic in init_available_charsets() with the use of pthread_once(3). A wrapper function, my_pthread_once(), is introduced and is used in lieu of direct calls to init_available_charsets(). Related defines MY_PTHREAD_ONCE_* are also introduced. For the Windows platform, the implementation in lp:sysbench is ported. For single-thread use, a simple define calls the function and sets the pthread_once control variable. Charset initialization is modified to use my_pthread_once(). include/my_no_pthread.h: Dummy my_pthread_once() for single thread use. include/my_pthread.h: Declaration for new function my_pthread_once(). mysys/charset.c: Logic in init_available_charsets() is simplified. Using my_pthread_once() for all calls to this func. mysys/my_winthread.c: Windows implementation of my_pthread_once(). --- libmysql/libmysql.c | 1 - 1 file changed, 1 deletion(-) (limited to 'libmysql/libmysql.c') diff --git a/libmysql/libmysql.c b/libmysql/libmysql.c index 1264f2765ba..36b1d9cac72 100644 --- a/libmysql/libmysql.c +++ b/libmysql/libmysql.c @@ -211,7 +211,6 @@ void STDCALL mysql_server_end() } else { - free_charsets(); mysql_thread_end(); } -- cgit v1.2.1 From 06a1df91813ea2c39f7312bcf8af972c7e8a926f Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Thu, 17 Dec 2009 15:58:38 -0200 Subject: Bug#48983: Bad strmake calls (length one too long) The problem is a somewhat common misusage of the strmake function. The strmake(dst, src, len) function writes at most /len/ bytes to the string pointed to by src, not including the trailing null byte. Hence, if /len/ is the exact length of the destination buffer, a one byte buffer overflow can occur if the length of the source string is equal to or greater than /len/. client/mysqldump.c: Make room for the trailing null byte. libmysql/libmysql.c: Add comment, there is enough room in the buffer. Increase buffer length, two strings are concatenated. libmysqld/lib_sql.cc: Make room for the trailing null byte. mysys/default.c: Make room for the trailing null bytes. mysys/mf_pack.c: Make room for the trailing null byte. server-tools/instance-manager/commands.cc: Copy only if overflow isn't possible in both cases. server-tools/instance-manager/listener.cc: Make room for the trailing null byte. sql/log.cc: Make room for the trailing null byte. sql/sp_pcontext.h: Cosmetic fix. sql/sql_acl.cc: MAX_HOSTNAME already specifies space for the trailing null byte. sql/sql_parse.cc: Make room for the trailing null byte. sql/sql_table.cc: Make room for the trailing null byte. --- libmysql/libmysql.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'libmysql/libmysql.c') diff --git a/libmysql/libmysql.c b/libmysql/libmysql.c index d287679bebb..62feae1b56e 100644 --- a/libmysql/libmysql.c +++ b/libmysql/libmysql.c @@ -712,7 +712,10 @@ my_bool STDCALL mysql_change_user(MYSQL *mysql, const char *user, if (!passwd) passwd=""; - /* Store user into the buffer */ + /* + Store user into the buffer. + Advance position as strmake returns a pointer to the closing NUL. + */ end= strmake(end, user, USERNAME_LENGTH) + 1; /* write scrambled password according to server capabilities */ @@ -1252,7 +1255,7 @@ mysql_list_fields(MYSQL *mysql, const char *table, const char *wild) { MYSQL_RES *result; MYSQL_FIELD *fields; - char buff[257],*end; + char buff[258],*end; DBUG_ENTER("mysql_list_fields"); DBUG_PRINT("enter",("table: '%s' wild: '%s'",table,wild ? wild : "")); -- cgit v1.2.1