Commit eb73245e authored by Monty's avatar Monty Committed by Sergei Golubchik

Ensure that we do not allocate strings bigger than 4G in String objects.

This is needed as we are using uint32 for allocated and current length.
parent 81d9bed3
...@@ -37,6 +37,7 @@ bool Binary_string::real_alloc(size_t length) ...@@ -37,6 +37,7 @@ bool Binary_string::real_alloc(size_t length)
DBUG_ASSERT(arg_length > length); DBUG_ASSERT(arg_length > length);
if (arg_length <= length) if (arg_length <= length)
return TRUE; /* Overflow */ return TRUE; /* Overflow */
DBUG_ASSERT(length < UINT_MAX32); // cast to uint32 is safe
str_length=0; str_length=0;
if (Alloced_length < arg_length) if (Alloced_length < arg_length)
{ {
...@@ -45,7 +46,6 @@ bool Binary_string::real_alloc(size_t length) ...@@ -45,7 +46,6 @@ bool Binary_string::real_alloc(size_t length)
arg_length,MYF(MY_WME | (thread_specific ? arg_length,MYF(MY_WME | (thread_specific ?
MY_THREAD_SPECIFIC : 0))))) MY_THREAD_SPECIFIC : 0)))))
return TRUE; return TRUE;
DBUG_ASSERT(length < UINT_MAX32);
Alloced_length=(uint32) arg_length; Alloced_length=(uint32) arg_length;
alloced=1; alloced=1;
} }
...@@ -504,6 +504,7 @@ bool String::set_ascii(const char *str, size_t arg_length) ...@@ -504,6 +504,7 @@ bool String::set_ascii(const char *str, size_t arg_length)
bool Binary_string::fill(size_t max_length,char fill_char) bool Binary_string::fill(size_t max_length,char fill_char)
{ {
DBUG_ASSERT(max_length < UINT_MAX32); // cast to uint32 is safe
if (str_length > max_length) if (str_length > max_length)
Ptr[str_length= (uint32) max_length]=0; Ptr[str_length= (uint32) max_length]=0;
else else
...@@ -529,7 +530,7 @@ void String::strip_sp() ...@@ -529,7 +530,7 @@ void String::strip_sp()
bool String::append(const char *s,size_t size) bool String::append(const char *s,size_t size)
{ {
DBUG_ASSERT(size <= UINT_MAX32); DBUG_ASSERT(size <= UINT_MAX32); // cast to uint32 is safe
uint32 arg_length= (uint32) size; uint32 arg_length= (uint32) size;
if (!arg_length) if (!arg_length)
return FALSE; return FALSE;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment