Fix accesses to uninitialized memory (found by valgrind)

de4ec3ed · monty@mysql.com · a1321dff · de4ec3ed · de4ec3ed · de4ec3ed
Commit de4ec3ed authored Jan 13, 2005 by monty@mysql.com
Showing with 71 additions and 54 deletions

mysys/my_alloc.c mysys/my_alloc.c +13 -0

sql/filesort.cc sql/filesort.cc +6 -1

sql/sql_select.cc sql/sql_select.cc +8 -3

sql/sql_view.cc sql/sql_view.cc +3 -2

sql/table.cc sql/table.cc +41 -48

No files found.
--- a/mysys/my_alloc.c
+++ b/mysys/my_alloc.c
@@ -245,6 +245,19 @@ static inline void mark_blocks_free(MEM_ROOT* root)
 /*
  Deallocate everything used by alloc_root or just move
  used blocks to free list if called with MY_USED_TO_FREE
+
+  SYNOPSIS
+    free_root()
+      root		Memory root
+      MyFlags		Flags for what should be freed:
+
+        MY_MARK_BLOCKS_FREED	Don't free blocks, just mark them free
+        MY_KEEP_PREALLOC	If this is not set, then free also the
+        		        preallocated block
+
+  NOTES
+    One can call this function either with root block initialised with
+    init_alloc_root() or with a bzero()-ed block.
 */

 void free_root(MEM_ROOT *root, myf MyFlags)

--- a/sql/filesort.cc
+++ b/sql/filesort.cc
@@ -1176,7 +1176,12 @@ sortlength(SORT_FIELD *sortorder, uint s_length, bool *multi_byte_charset)
      else
      {
 	sortorder->length=sortorder->field->pack_length();
-	if (use_strnxfrm((cs=sortorder->field->charset())))
+        /*
+          We must test cmp_type() to ensure that ENUM and SET are sorted
+          as numbers
+        */
+	if (use_strnxfrm((cs=sortorder->field->charset())) &&
+            sortorder->field->cmp_type() == STRING_RESULT)
 	{
 	  sortorder->need_strxnfrm= 1;
 	  *multi_byte_charset= 1;

--- a/sql/sql_select.cc
+++ b/sql/sql_select.cc
@@ -7823,12 +7823,17 @@ create_tmp_table(THD *thd,TMP_TABLE_PARAM *param,List<Item> &fields,
  if (temp_pool_slot != MY_BIT_NONE) // we got a slot
    sprintf(filename, "%s_%lx_%i", tmp_file_prefix,
            current_pid, temp_pool_slot);
-  else // if we run out of slots or we are not using tempool
+  else
+  {
+    /* if we run out of slots or we are not using tempool */
    sprintf(filename,"%s%lx_%lx_%x",tmp_file_prefix,current_pid,
            thd->thread_id, thd->tmp_table++);
+  }

-  if (lower_case_table_names)
-    my_casedn_str(files_charset_info, path);
+  /*
+    No need for change table name to lower case as we are only creating
+    MyISAM or HEAP tables here
+  */
  sprintf(path, "%s%s", mysql_tmpdir, filename);

  if (group)

--- a/sql/sql_view.cc
+++ b/sql/sql_view.cc
@@ -948,11 +948,12 @@ frm_type_enum mysql_frm_type(char *path)
  {
    DBUG_RETURN(FRMTYPE_ERROR);
  }
-  length= my_read(file, (byte*) header, 10, MYF(MY_WME));
+  length= my_read(file, (byte*) header, sizeof(header), MYF(MY_WME));
  my_close(file, MYF(MY_WME));
  if (length == (int) MY_FILE_ERROR)
    DBUG_RETURN(FRMTYPE_ERROR);
-  if (!strncmp(header, "TYPE=VIEW\n", 10))
+  if (length < (int) sizeof(header) ||
+      !strncmp(header, "TYPE=VIEW\n", sizeof(header)))
    DBUG_RETURN(FRMTYPE_VIEW);
  DBUG_RETURN(FRMTYPE_TABLE);                   // Is probably a .frm table
 }

--- a/sql/table.cc
+++ b/sql/table.cc