* Fixed potential memory overrun in `mysql_real_connect()' (which

required a compromised DNS server and certain operating systems). (Bug #4017) * Fixed crash in `MATCH ... AGAINST()' on a phrase search operator with a missing closing double quote. (Bug #3870) * Fixed a crash on declaration of `DECIMAL(0,...)' column. (Bug #4046)
2004-10-20 04:47:29 +00:00 · 2004-10-20 04:47:29 +00:00 · 748c1d4b56
commit 748c1d4b56
parent feb0e2638a
4 changed files with 103 additions and 0 deletions
--- a/databases/mysql/patches/patch-libmysql_libmysql_c
+++ b/databases/mysql/patches/patch-libmysql_libmysql_c
@ -0,0 +1,13 @@
+$OpenBSD: patch-libmysql_libmysql_c,v 1.3 2004/10/20 04:47:29 brad Exp $
+--- libmysql/libmysql.c.orig	Tue Oct 19 21:50:29 2004
+++ libmysql/libmysql.c	Tue Oct 19 21:52:42 2004
+@@ -1855,7 +1855,8 @@ mysql_real_connect(MYSQL *mysql,const ch
+ 	sprintf(net->last_error, ER(CR_UNKNOWN_HOST), host, tmp_errno);
+ 	goto error;
+       }
+-      memcpy(&sock_addr.sin_addr,hp->h_addr, (size_t) hp->h_length);
+      memcpy(&sock_addr.sin_addr, hp->h_addr,
+	    min(sizeof(sock_addr.sin_addr), (size_t) hp->h_length));
+       my_gethostbyname_r_free();
+     }
+     sock_addr.sin_port = (ushort) htons((ushort) port);
--- a/databases/mysql/patches/patch-myisam_ft_boolean_search_c
+++ b/databases/mysql/patches/patch-myisam_ft_boolean_search_c
@ -0,0 +1,12 @@
+$OpenBSD: patch-myisam_ft_boolean_search_c,v 1.1 2004/10/20 04:47:29 brad Exp $
+--- myisam/ft_boolean_search.c.orig	Thu May 13 20:53:29 2004
+++ myisam/ft_boolean_search.c	Tue Oct 19 22:15:59 2004
+@@ -360,7 +360,7 @@ err:
+ }
+ 
+ 
+-/* returns 1 if str0 ~= /\<str1\>/ */
+/* returns 1 if str0 ~= /\bstr1\b/ */
+ static int _ftb_strstr(const byte *s0, const byte *e0,
+                 const byte *s1, const byte *e1,
+                 CHARSET_INFO *cs)
--- a/databases/mysql/patches/patch-myisam_ft_parser_c
+++ b/databases/mysql/patches/patch-myisam_ft_parser_c
@ -0,0 +1,63 @@
+$OpenBSD: patch-myisam_ft_parser_c,v 1.1 2004/10/20 04:47:29 brad Exp $
+--- myisam/ft_parser.c.orig	Thu May 13 20:53:24 2004
+++ myisam/ft_parser.c	Tue Oct 19 22:15:59 2004
+@@ -124,28 +124,31 @@ byte ft_get_word(byte **start, byte *end
+     for (;doc<end;doc++)
+     {
+       if (true_word_char(*doc)) break;
+-      if (*doc == FTB_RQUOT && param->quot) {
+      if (*doc == FTB_RQUOT && param->quot)
+      {
+         param->quot=doc;
+         *start=doc+1;
+         return 3; /* FTB_RBR */
+       }
+-      if ((*doc == FTB_LBR || *doc == FTB_RBR || *doc == FTB_LQUOT)
+-          && !param->quot)
+      if (!param->quot)
+       {
+-        /* param->prev=' '; */
+-        *start=doc+1;
+-        if (*doc == FTB_LQUOT) param->quot=*start;
+-        return (*doc == FTB_RBR)+2;
+        if (*doc == FTB_LBR || *doc == FTB_RBR || *doc == FTB_LQUOT)
+        {
+          /* param->prev=' '; */
+          *start=doc+1;
+          if (*doc == FTB_LQUOT) param->quot=*start;
+          return (*doc == FTB_RBR)+2;
+        }
+        if (param->prev == ' ')
+        {
+          if (*doc == FTB_YES ) { param->yesno=+1;    continue; } else
+          if (*doc == FTB_EGAL) { param->yesno= 0;    continue; } else
+          if (*doc == FTB_NO  ) { param->yesno=-1;    continue; } else
+          if (*doc == FTB_INC ) { param->plusminus++; continue; } else
+          if (*doc == FTB_DEC ) { param->plusminus--; continue; } else
+          if (*doc == FTB_NEG ) { param->pmsign=!param->pmsign; continue; }
+        }
+       }
+-      if (param->prev == ' ' && !param->quot)
+-      {
+-        if (*doc == FTB_YES ) { param->yesno=+1;    continue; } else
+-        if (*doc == FTB_EGAL) { param->yesno= 0;    continue; } else
+-        if (*doc == FTB_NO  ) { param->yesno=-1;    continue; } else
+-        if (*doc == FTB_INC ) { param->plusminus++; continue; } else
+-        if (*doc == FTB_DEC ) { param->plusminus--; continue; } else
+-        if (*doc == FTB_NEG ) { param->pmsign=!param->pmsign; continue; }
+-      }
+       param->prev=*doc;
+       param->yesno=(FTB_YES==' ') ? 1 : (param->quot != 0);
+       param->plusminus=param->pmsign=0;
+@@ -169,6 +172,11 @@ byte ft_get_word(byte **start, byte *end
+       *start=doc;
+       return 1;
+     }
+  }
+  if (param->quot)
+  {
+    param->quot=*start=doc;
+    return 3; /* FTB_RBR */
+   }
+   return 0;
+ }
--- a/databases/mysql/patches/patch-sql_sql_parse_cc
+++ b/databases/mysql/patches/patch-sql_sql_parse_cc
@ -0,0 +1,15 @@
+$OpenBSD: patch-sql_sql_parse_cc,v 1.1 2004/10/20 04:47:29 brad Exp $
+--- sql/sql_parse.cc.orig	Thu May 13 20:53:18 2004
+++ sql/sql_parse.cc	Tue Oct 19 22:22:11 2004
+@@ -3155,7 +3155,10 @@ bool add_field_to_list(char *field_name,
+     break;
+   case FIELD_TYPE_DECIMAL:
+     if (!length)
+-      new_field->length= 10;			// Default length for DECIMAL
+      if (new_field->length= new_field->decimals)
+        new_field->length++;
+      else
+        new_field->length=10;                   // Default length for DECIMAL
+     if (new_field->length < MAX_FIELD_WIDTH)	// Skip wrong argument
+     {
+       new_field->length+=sign_len;