An error occurred fetching the project authors.
- 09 Oct, 2006 1 commit
-
-
cmiller@zippy.cornsilk.net authored
When the client program had its stdout file descriptor closed by the calling shell, after some amount of work (enough to fill a socket buffer) the server would complain about a packet error and then disconnect the client. This is a serious security problem. If stdout is closed before the mysql is exec()d, then the first socket() call allocates file number 1 to communicate with the server. Subsequent write()s to that file number (as when printing results that come back from the database) go back to the server instead in the command channel. So, one should be able to craft data which, upon being selected back from the server to the client, and injected into the command stream become valid MySQL protocol to do something nasty when sent /back/ to the server. The solution is to close explicitly the file descriptor that we *printf() to, so that the libc layer and the OS layer both agree that the file is closed.
-
- 27 Sep, 2006 1 commit
-
-
cmiller@zippy.cornsilk.net authored
The STACK_MIN_SIZE is currently set to 8192, when we actually need (emperically discovered) 9236 bytes to raise an fatal error, on Ubuntu Dapper Drake, libc6 2.3.6-0ubuntu2, Linux kernel 2.6.15-27-686, on x86. I'm taking that as a new lower bound, plus 100B of wiggle-room for sundry word sizes and stack behaviors. The added test verifies in a cross-platform way that there are no gaps between the space that we think we need and what we actually need to report an error. DOCUMENTERS: This also adds "let" to the mysqltest commands that evaluate an argument to expand variables therein. (Only right of the "=", of course.)
-
- 22 Sep, 2006 1 commit
-
-
georg@lmy002.wdf.sap.corp authored
-
- 08 Sep, 2006 1 commit
-
-
anozdrin/alik@alik. authored
The patch affects only test suite and has the following changes: 1. On starting Instance Manager -- added code for waiting for guarded mysqld instances to create PID files; 2. Polishing; 3. Move IM-related operations out of mtr_process.pl into new dedicated for IM file -- mtr_im.pl
-
- 29 Aug, 2006 1 commit
-
-
anozdrin/alik@alik. authored
- BUG#15934: Instance manager fails to work; - BUG#18020: IM connect problem; - BUG#18027: IM: Server_ID differs; - BUG#18033: IM: Server_ID not reported; - BUG#21331: Instance Manager: Connect problems in tests; The only test suite has been changed (server codebase has not been modified).
-
- 23 Aug, 2006 1 commit
-
-
anozdrin/alik@alik. authored
User name (host name) has limit on length. The server code relies on these limits when storing the names. The problem was that sometimes these limits were not checked properly, so that could lead to buffer overflow. The fix is to check length of user/host name in parser and if string is too long, throw an error.
-
- 02 Aug, 2006 1 commit
-
-
georg@lmy002.wdf.sap.corp authored
-