From 77085c8efe649bab401c27bf06ad7900341cf7c2 Mon Sep 17 00:00:00 2001
From: "svoj@mysql.com/april.(none)" <>
Date: Fri, 15 Dec 2006 16:01:56 +0400
Subject: [PATCH] BUG#24358 - Table access crashes server

Having broken .frm, particulary number of field names does
not match number of fields, causes server crash.

Refuse to open a table if number of field names in a table
is not equal to number of fields in a table.

No test case, since it requires broken .frm file.
---
 sql/table.cc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sql/table.cc b/sql/table.cc
index aff1e6d11f6..dab2f978327 100644
--- a/sql/table.cc
+++ b/sql/table.cc
@@ -373,6 +373,8 @@ int openfrm(const char *name, const char *alias, uint db_stat, uint prgflag,
   memcpy(comment_pos, disk_buff+read_length-com_length, com_length);
 
   fix_type_pointers(&int_array,&outparam->fieldnames,1,&names);
+  if (outparam->fieldnames.count != outparam->fields)
+    goto err_not_open;
   fix_type_pointers(&int_array,outparam->intervals,interval_count,
 		    &names);