Commit 1524cd00 authored by monty@mishka.local's avatar monty@mishka.local

Cleanup during review of new code

Fixed wrong allocation that could cause buffer overrun when using join cache
parent f36ee2a9
...@@ -78,7 +78,7 @@ MI_INFO *mi_open(const char *name, int mode, uint open_flags) ...@@ -78,7 +78,7 @@ MI_INFO *mi_open(const char *name, int mode, uint open_flags)
int lock_error,kfile,open_mode,save_errno,have_rtree=0; int lock_error,kfile,open_mode,save_errno,have_rtree=0;
uint i,j,len,errpos,head_length,base_pos,offset,info_length,keys, uint i,j,len,errpos,head_length,base_pos,offset,info_length,keys,
key_parts,unique_key_parts,fulltext_keys,uniques; key_parts,unique_key_parts,fulltext_keys,uniques;
char name_buff[FN_REFLEN], org_name [FN_REFLEN], index_name[FN_REFLEN], char name_buff[FN_REFLEN], org_name[FN_REFLEN], index_name[FN_REFLEN],
data_name[FN_REFLEN]; data_name[FN_REFLEN];
char *disk_cache, *disk_pos, *end_pos; char *disk_cache, *disk_pos, *end_pos;
MI_INFO info,*m_info,*old_info; MI_INFO info,*m_info,*old_info;
......
DROP TABLE IF EXISTS t1,t2,t3; DROP TABLE IF EXISTS t1,t2,t3,t2aA,t1Aa;
DROP DATABASE IF EXISTS `TEST_$1`; DROP DATABASE IF EXISTS `TEST_$1`;
DROP DATABASE IF EXISTS `test_$1`; DROP DATABASE IF EXISTS `test_$1`;
DROP DATABASE mysqltest_LC2;
CREATE TABLE T1 (a int); CREATE TABLE T1 (a int);
INSERT INTO T1 VALUES (1); INSERT INTO T1 VALUES (1);
SHOW TABLES LIKE "T1"; SHOW TABLES LIKE "T1";
......
...@@ -10,9 +10,10 @@ show variables like "lower_case_table_names"; ...@@ -10,9 +10,10 @@ show variables like "lower_case_table_names";
enable_query_log; enable_query_log;
--disable_warnings --disable_warnings
DROP TABLE IF EXISTS t1,t2,t3; DROP TABLE IF EXISTS t1,t2,t3,t2aA,t1Aa;
DROP DATABASE IF EXISTS `TEST_$1`; DROP DATABASE IF EXISTS `TEST_$1`;
DROP DATABASE IF EXISTS `test_$1`; DROP DATABASE IF EXISTS `test_$1`;
DROP DATABASE mysqltest_LC2;
--enable_warnings --enable_warnings
CREATE TABLE T1 (a int); CREATE TABLE T1 (a int);
......
...@@ -21,25 +21,34 @@ ...@@ -21,25 +21,34 @@
static void make_ftype(my_string to,int flag); static void make_ftype(my_string to,int flag);
/* Open a file as stream */ /*
Open a file as stream
SYNOPSIS
my_fopen()
FileName Path-name of file
Flags Read | write | append | trunc (like for open())
MyFlags Flags for handling errors
RETURN
0 Error
# File handler
*/
FILE *my_fopen(const char *FileName, int Flags, myf MyFlags) FILE *my_fopen(const char *filename, int flags, myf MyFlags)
/* Path-name of file */
/* Read | write .. */
/* Special flags */
{ {
FILE *fd; FILE *fd;
char type[5]; char type[5];
DBUG_ENTER("my_fopen"); DBUG_ENTER("my_fopen");
DBUG_PRINT("my",("Name: '%s' Flags: %d MyFlags: %d", DBUG_PRINT("my",("Name: '%s' flags: %d MyFlags: %d",
FileName, Flags, MyFlags)); filename, flags, MyFlags));
/* /*
if we are not creating, then we need to use my_access to make sure if we are not creating, then we need to use my_access to make sure
the file exists since Windows doesn't handle files like "com1.sym" the file exists since Windows doesn't handle files like "com1.sym"
very well very well
*/ */
#ifdef __WIN__ #ifdef __WIN__
if (check_if_legal_filename(FileName)) if (check_if_legal_filename(filename))
{ {
errno= EACCES; errno= EACCES;
fd= 0; fd= 0;
...@@ -47,8 +56,8 @@ FILE *my_fopen(const char *FileName, int Flags, myf MyFlags) ...@@ -47,8 +56,8 @@ FILE *my_fopen(const char *FileName, int Flags, myf MyFlags)
else else
#endif #endif
{ {
make_ftype(type,Flags); make_ftype(type,flags);
fd = fopen(FileName, type); fd = fopen(filename, type);
} }
if (fd != 0) if (fd != 0)
...@@ -65,7 +74,7 @@ FILE *my_fopen(const char *FileName, int Flags, myf MyFlags) ...@@ -65,7 +74,7 @@ FILE *my_fopen(const char *FileName, int Flags, myf MyFlags)
} }
pthread_mutex_lock(&THR_LOCK_open); pthread_mutex_lock(&THR_LOCK_open);
if ((my_file_info[fileno(fd)].name = (char*) if ((my_file_info[fileno(fd)].name = (char*)
my_strdup(FileName,MyFlags))) my_strdup(filename,MyFlags)))
{ {
my_stream_opened++; my_stream_opened++;
my_file_info[fileno(fd)].type = STREAM_BY_FOPEN; my_file_info[fileno(fd)].type = STREAM_BY_FOPEN;
...@@ -81,9 +90,9 @@ FILE *my_fopen(const char *FileName, int Flags, myf MyFlags) ...@@ -81,9 +90,9 @@ FILE *my_fopen(const char *FileName, int Flags, myf MyFlags)
my_errno=errno; my_errno=errno;
DBUG_PRINT("error",("Got error %d on open",my_errno)); DBUG_PRINT("error",("Got error %d on open",my_errno));
if (MyFlags & (MY_FFNF | MY_FAE | MY_WME)) if (MyFlags & (MY_FFNF | MY_FAE | MY_WME))
my_error((Flags & O_RDONLY) || (Flags == O_RDONLY ) ? EE_FILENOTFOUND : my_error((flags & O_RDONLY) || (flags == O_RDONLY ) ? EE_FILENOTFOUND :
EE_CANTCREATEFILE, EE_CANTCREATEFILE,
MYF(ME_BELL+ME_WAITTANG), FileName,my_errno); MYF(ME_BELL+ME_WAITTANG), filename, my_errno);
DBUG_RETURN((FILE*) 0); DBUG_RETURN((FILE*) 0);
} /* my_fopen */ } /* my_fopen */
...@@ -158,14 +167,24 @@ FILE *my_fdopen(File Filedes, const char *name, int Flags, myf MyFlags) ...@@ -158,14 +167,24 @@ FILE *my_fdopen(File Filedes, const char *name, int Flags, myf MyFlags)
DBUG_RETURN(fd); DBUG_RETURN(fd);
} /* my_fdopen */ } /* my_fdopen */
/* /*
make_ftype Make a fopen() typestring from a open() type bitmap
Make a filehandler-open-typestring from ordinary inputflags
Note: This routine attempts to find the best possible match SYNOPSIS
make_ftype()
to String for fopen() is stored here
flag Flag used by open()
IMPLEMENTATION
This routine attempts to find the best possible match
between a numeric option and a string option that could be between a numeric option and a string option that could be
fed to fopen. There is not a 1 to 1 mapping between the two. fed to fopen. There is not a 1 to 1 mapping between the two.
NOTE
On Unix, O_RDONLY is usually 0
MAPPING
r == O_RDONLY r == O_RDONLY
w == O_WRONLY|O_TRUNC|O_CREAT w == O_WRONLY|O_TRUNC|O_CREAT
a == O_WRONLY|O_APPEND|O_CREAT a == O_WRONLY|O_APPEND|O_CREAT
...@@ -173,18 +192,14 @@ FILE *my_fdopen(File Filedes, const char *name, int Flags, myf MyFlags) ...@@ -173,18 +192,14 @@ FILE *my_fdopen(File Filedes, const char *name, int Flags, myf MyFlags)
w+ == O_RDWR|O_TRUNC|O_CREAT w+ == O_RDWR|O_TRUNC|O_CREAT
a+ == O_RDWR|O_APPEND|O_CREAT a+ == O_RDWR|O_APPEND|O_CREAT
*/ */
static void make_ftype(register my_string to, register int flag) static void make_ftype(register my_string to, register int flag)
{ {
#if FILE_BINARY
/* If we have binary-files */
reg3 int org_flag=flag;
#endif
flag&= ~FILE_BINARY; /* remove binary bit */
/* check some possible invalid combinations */ /* check some possible invalid combinations */
DBUG_ASSERT(flag & (O_TRUNC|O_APPEND) != O_TRUNC|O_APPEND); DBUG_ASSERT((flag & (O_TRUNC | O_APPEND)) != (O_TRUNC | O_APPEND));
DBUG_ASSERT((flag & (O_WRONLY | O_RDWR)) != (O_WRONLY | O_RDWR));
if (flag & (O_RDONLY|O_WRONLY) == O_WRONLY) if ((flag & (O_RDONLY|O_WRONLY)) == O_WRONLY)
*to++= (flag & O_APPEND) ? 'a' : 'w'; *to++= (flag & O_APPEND) ? 'a' : 'w';
else if (flag & O_RDWR) else if (flag & O_RDWR)
{ {
...@@ -201,9 +216,8 @@ static void make_ftype(register my_string to, register int flag) ...@@ -201,9 +216,8 @@ static void make_ftype(register my_string to, register int flag)
*to++= 'r'; *to++= 'r';
#if FILE_BINARY /* If we have binary-files */ #if FILE_BINARY /* If we have binary-files */
if (org_flag & FILE_BINARY) if (flag & FILE_BINARY)
*to++='b'; *to++='b';
#endif #endif
*to='\0'; *to='\0';
} /* make_ftype */ } /* make_ftype */
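Review bot: The error branch of my_fopen still picks its message with `(flags & O_RDONLY) || (flags == O_RDONLY)`, and the first operand can never be true where O_RDONLY is 0, which the new make_ftype comment itself notes is the usual case on Unix. What remains is `flags == O_RDONLY`, so a read-only open that carries any other bit (FILE_BINARY, on platforms where that is non-zero) would be reported as EE_CANTCREATEFILE rather than EE_FILENOTFOUND. Testing the write bits instead, with the same mask the new assertion in make_ftype uses, avoids this: `my_error((flags & (O_WRONLY | O_RDWR)) ? EE_CANTCREATEFILE : EE_FILENOTFOUND,`. The start of this error branch lies between hunks, so the conditions that lead into it are not visible here.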
...@@ -1053,6 +1053,7 @@ void Field_str::make_field(Send_field *field) ...@@ -1053,6 +1053,7 @@ void Field_str::make_field(Send_field *field)
uint Field::fill_cache_field(CACHE_FIELD *copy) uint Field::fill_cache_field(CACHE_FIELD *copy)
{ {
uint store_length;
copy->str=ptr; copy->str=ptr;
copy->length=pack_length(); copy->length=pack_length();
copy->blob_field=0; copy->blob_field=0;
...@@ -1065,10 +1066,16 @@ uint Field::fill_cache_field(CACHE_FIELD *copy) ...@@ -1065,10 +1066,16 @@ uint Field::fill_cache_field(CACHE_FIELD *copy)
} }
else if (!zero_pack() && (type() == FIELD_TYPE_STRING && copy->length > 4 || else if (!zero_pack() && (type() == FIELD_TYPE_STRING && copy->length > 4 ||
type() == FIELD_TYPE_VAR_STRING)) type() == FIELD_TYPE_VAR_STRING))
{
copy->strip=1; /* Remove end space */ copy->strip=1; /* Remove end space */
store_length= 2;
}
else else
{
copy->strip=0; copy->strip=0;
return copy->length+(int) copy->strip; store_length= 0;
}
return copy->length+ store_length;
} }
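Review bot: The `store_length= 2` reserved in Field::fill_cache_field is a bare literal that has to match the two-byte prefix written by `int2store(pos, length)` and read back by `uint2korr(pos)` in the join cache hunks of this same commit; a mismatch between the reserved size and the written size appears to be the overrun the commit message describes. A shared named constant would keep the three sites from drifting apart again, for example `#define CACHE_STRIP_LENGTH_BYTES 2` (name constructed for this note) used here and in both cache routines. A short comment on the assignment, such as `/* bytes used for the stored length prefix in the join cache */`, would also help the next reader. The middle of the function lies between the two hunks and is not visible.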
......
...@@ -6098,9 +6098,6 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)), ...@@ -6098,9 +6098,6 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)),
case (int) OPT_SLOW_QUERY_LOG: case (int) OPT_SLOW_QUERY_LOG:
opt_slow_log=1; opt_slow_log=1;
break; break;
case (int) OPT_LOG_SLOW_ADMIN_STATEMENTS:
opt_log_slow_admin_statements= 1;
break;
case (int) OPT_SKIP_NEW: case (int) OPT_SKIP_NEW:
opt_specialflag|= SPECIAL_NO_NEW_FUNC; opt_specialflag|= SPECIAL_NO_NEW_FUNC;
delay_key_write_options= (uint) DELAY_KEY_WRITE_NONE; delay_key_write_options= (uint) DELAY_KEY_WRITE_NONE;
......
...@@ -1516,7 +1516,7 @@ bool sys_var::check_set(THD *thd, set_var *var, TYPELIB *enum_names) ...@@ -1516,7 +1516,7 @@ bool sys_var::check_set(THD *thd, set_var *var, TYPELIB *enum_names)
{ {
if (!(res= var->value->val_str(&str))) if (!(res= var->value->val_str(&str)))
{ {
strmake(buff, "NULL", 4); strmov(buff, "NULL");
goto err; goto err;
} }
var->save_result.ulong_value= ((ulong) var->save_result.ulong_value= ((ulong)
......
...@@ -28,8 +28,6 @@ ...@@ -28,8 +28,6 @@
#include <hash.h> #include <hash.h>
#include <ft_global.h> #include <ft_global.h>
typedef uint32 cache_rec_length_type;
const char *join_type_str[]={ "UNKNOWN","system","const","eq_ref","ref", const char *join_type_str[]={ "UNKNOWN","system","const","eq_ref","ref",
"MAYBE_REF","ALL","range","index","fulltext", "MAYBE_REF","ALL","range","index","fulltext",
"ref_or_null","unique_subquery","index_subquery" "ref_or_null","unique_subquery","index_subquery"
...@@ -8074,7 +8072,7 @@ used_blob_length(CACHE_FIELD **ptr) ...@@ -8074,7 +8072,7 @@ used_blob_length(CACHE_FIELD **ptr)
static bool static bool
store_record_in_cache(JOIN_CACHE *cache) store_record_in_cache(JOIN_CACHE *cache)
{ {
cache_rec_length_type length; uint length;
uchar *pos; uchar *pos;
CACHE_FIELD *copy,*end_field; CACHE_FIELD *copy,*end_field;
bool last_record; bool last_record;
...@@ -8119,9 +8117,9 @@ store_record_in_cache(JOIN_CACHE *cache) ...@@ -8119,9 +8117,9 @@ store_record_in_cache(JOIN_CACHE *cache)
end > str && end[-1] == ' ' ; end > str && end[-1] == ' ' ;
end--) ; end--) ;
length=(uint) (end-str); length=(uint) (end-str);
memcpy(pos+sizeof(length), str, length); memcpy(pos+2, str, length);
memcpy_fixed(pos, &length, sizeof(length)); int2store(pos, length);
pos+= length+sizeof(length); pos+= length+2;
} }
else else
{ {
...@@ -8155,7 +8153,7 @@ static void ...@@ -8155,7 +8153,7 @@ static void
read_cached_record(JOIN_TAB *tab) read_cached_record(JOIN_TAB *tab)
{ {
uchar *pos; uchar *pos;
cache_rec_length_type length; uint length;
bool last_record; bool last_record;
CACHE_FIELD *copy,*end_field; CACHE_FIELD *copy,*end_field;
...@@ -8184,10 +8182,10 @@ read_cached_record(JOIN_TAB *tab) ...@@ -8184,10 +8182,10 @@ read_cached_record(JOIN_TAB *tab)
{ {
if (copy->strip) if (copy->strip)
{ {
memcpy_fixed(&length, pos, sizeof(length)); length= uint2korr(pos);
memcpy(copy->str, pos+sizeof(length), length); memcpy(copy->str, pos+2, length);
memset(copy->str+length, ' ', copy->length-length); memset(copy->str+length, ' ', copy->length-length);
pos+= sizeof(length)+length; pos+= 2 + length;
} }
else else
{ {
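Review bot: In read_cached_record the length returned by `uint2korr(pos)` is used for the memcpy and for `copy->length-length` without being compared with copy->length; if it were ever larger, the subtraction would wrap to a very large size and the memset would run far past the field buffer. The value is written by store_record_in_cache, so this should not happen, but since this path has just had an overrun fixed a debug check is cheap: `DBUG_ASSERT(length <= copy->length);` directly after the `uint2korr` line. On the write side `int2store(pos, length)` keeps only 16 bits, so a matching `DBUG_ASSERT(length <= 0xFFFF);` before it would document that assumption. Both functions start and end outside the hunks shown.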
......