Commit 99f9ff91 authored by mronstrom@mysql.com's avatar mronstrom@mysql.com

Fix for overwriting of the stack when table name length was larger

than 32 bytes. getWords interpreted length as number of words and
got number of bytes.
parent 22f21ba7
...@@ -5660,7 +5660,7 @@ void Dbdict::execGET_TABINFOREQ(Signal* signal) ...@@ -5660,7 +5660,7 @@ void Dbdict::execGET_TABINFOREQ(Signal* signal)
signal->getSection(ssPtr,GetTabInfoReq::TABLE_NAME); signal->getSection(ssPtr,GetTabInfoReq::TABLE_NAME);
SimplePropertiesSectionReader r0(ssPtr, getSectionSegmentPool()); SimplePropertiesSectionReader r0(ssPtr, getSectionSegmentPool());
r0.reset(); // undo implicit first() r0.reset(); // undo implicit first()
if(r0.getWords((Uint32*)tableName, len)) if(r0.getWords((Uint32*)tableName, ((len + 3)/4)))
memcpy(keyRecord.tableName, tableName, len); memcpy(keyRecord.tableName, tableName, len);
else { else {
jam(); jam();
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment