mysql/community-mysql-rhbz1059545.patch
Honza Horak b2325d2583 Fix for CVE-2014-0001
Resolves: #1059545
2014-01-30 18:14:42 +01:00

18 lines
815 B
Diff

Unsifficient limit check aims to security issue.
MariaDB upstream fix: http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64
RHBZ#1059545
diff -up mysql-5.6.15/client/mysql.cc.bz1059545 mysql-5.6.15/client/mysql.cc
--- mysql-5.6.15/client/mysql.cc.bz1059545 2014-01-30 18:09:47.209588217 +0100
+++ mysql-5.6.15/client/mysql.cc 2014-01-30 18:09:59.016581192 +0100
@@ -1315,7 +1315,7 @@ int main(int argc,char *argv[])
put_info("Welcome to the MySQL monitor. Commands end with ; or \\g.",
INFO_INFO);
- sprintf((char*) glob_buffer.ptr(),
+ my_snprintf((char*) glob_buffer.ptr(), glob_buffer.alloced_length(),
"Your MySQL connection id is %lu\nServer version: %s\n",
mysql_thread_id(&mysql), server_version_string(&mysql));
put_info((char*) glob_buffer.ptr(),INFO_INFO);