28 Commits

Author SHA1 Message Date
Shishir Jaiswal
68b88afb0c Bug#24449090 - BUFFER OVERFLOW IN FUNCTION DUPL
Post-push fix for memory leak in the code inside
DBUG_EXECUTE_IF("bug24449090_simulate_oom",...);
2016-12-04 18:44:51 +05:30
Shishir Jaiswal
52b0c8146b Bug#24449076 - INTEGER OVERFLOW IN FUNCTION DOINSERT
DESCRIPTION
===========
Performing a pattern match of a Regex resulting in a very
large string leads to a crash due to integer wraparound.

ANALYSIS
========
doinsert() - The length calculated here (to copy the
number of bytes) comes out to be too large to be stored in
the "int" variable 'length'. We need to ensure that the
variable can accommodate large lengths.

FIX
===
'length' in doinsert() is now defined as of type "size_t"
instead of "int"
2016-11-29 11:26:25 +05:30
Shishir Jaiswal
8f29705851 Bug#24449090 - BUFFER OVERFLOW IN FUNCTION DUPL
DESCRIPTION
===========
Performing a pattern match of a Regex resulting in a very
large string leads to a crash due to failed realloc().

ANALYSIS
========
dupl() calls enlarge(). It in turn calls realloc() for
pointer p->strip. This eventually fails due to OOM.
However we are still using the same pointer in memcpy()
causing a SEGFAULT!

FIX
===
1) In dupl(), checking for error code (which would be set
if realloc fails) immediately after call to enlarge().
Returning now with this error code.

2) Handling the same in the caller functions.
2016-11-29 11:19:30 +05:30
Tatiana Azundris Nuernberg
dc45e40825 Bug#20642505: HENRY SPENCER REGULAR EXPRESSIONS (REGEX) LIBRARY
The MySQL server uses Henry Spencer's library for regular
expressions to support the REGEXP/RLIKE string operator.
This changeset adapts a recent fix from the upstream for
better 32-bit compatibility. (Note that we cannot simply use
the current upstream version as a drop-in replacement
for the version used by the server as the latter has
been extended to understand MySQL charsets etc.)
2015-05-18 08:09:02 +01:00
Neeraj Bisht
1a951e716c BUG#14303860 - EXECUTING A SELECT QUERY WITH TOO
MANY WILDCARDS CAUSES A SEGFAULT
Back port from 5.6 and trunk
2013-01-14 16:51:52 +05:30
Neeraj Bisht
78664f54a0 BUG#14303860 - EXECUTING A SELECT QUERY WITH TOO
MANY WILDCARDS CAUSES A SEGFAULT

Back port from 5.6 and trunk
2013-01-14 14:59:48 +05:30
Dmitry Shulga
6c777a6220 Fixed bug#58026 - massive recursion and crash in regular expression
handling.

The problem was that parsing of nested regular expression involved
recursive calls. Such recursion didn't take into account the amount of
available stack space, which ended up leading to stack overflow crashes.
2011-02-04 10:47:46 +06:00
Dmitry Shulga
d284940f8b Merge from mysql-5.1 for bug#58026. 2011-02-04 10:59:55 +06:00
Davi Arnaut
60ab2b9283 WL#5498: Remove dead and unused source code
Remove unused macros or macro which are always defined.
2010-07-23 17:16:29 -03:00
Davi Arnaut
9fd9857e0b WL#5498: Remove dead and unused source code
Remove code that has been disabled for a long time.
2010-07-23 17:09:27 -03:00
Davi Arnaut
3d2389c337 Use UNINIT_VAR workaround instead of LINT_INIT. 2010-07-09 16:37:52 -03:00
Davi Arnaut
93fb8bb235 Bug#53445: Build with -Wall and fix warnings that it generates
Apart from strict-aliasing warnings, fix the remaining warnings
generated by GCC 4.4.4 -Wall and -Wextra flags.

One major source of warnings was the in-house function my_bcmp
which (unconventionally) took pointers to unsigned characters
as the byte sequences to be compared. Since my_bcmp and bcmp
are deprecated functions whose only difference with memcmp is
the return value, every use of the function is replaced with
memcmp as the special return value wasn't actually being used
by any caller.

There were also various other warnings, mostly due to type
mismatches, missing return values, missing prototypes, dead
code (unreachable) and ignored return values.
2010-07-02 15:30:47 -03:00
Staale Smedseng
f59ef9eafa Merge from 5.0 for 43414 2009-08-28 18:21:54 +02:00
Staale Smedseng
2217de2513 Bug #43414 Parenthesis (and other) warnings compiling MySQL
with gcc 4.3.2
      
This patch fixes a number of GCC warnings about variables used
before initialized. A new macro UNINIT_VAR() is introduced for
use in the variable declaration, and LINT_INIT() usage will be
gradually deprecated. (A workaround is used for g++, pending a
patch for a g++ bug.)
      
GCC warnings for unused results (attribute warn_unused_result)
for a number of system calls (present at least in later
Ubuntus, where the usual void cast trick doesn't work) are
also fixed.
2009-08-28 17:51:31 +02:00
monty@mysql.com/nosik.monty.fi
e53a73e26c Fixed a lot of compiler warnings and errors detected by Forte C++ on Solaris
Faster thr_alarm()
Added 'Opened_files' status variable to track calls to my_open()
Don't give warnings when running mysql_install_db
Added option --source-install to mysql_install_db

I had to do the following renames() as used polymorphism didn't work with Forte compiler on 64 bit systems
index_read()      -> index_read_map()
index_read_idx()  -> index_read_idx_map()
index_read_last() -> index_read_last_map()
2007-08-13 16:11:25 +03:00
kent@mysql.com
844d964f2d Many files:
Prefix regex functions/types with "my_" as our
  library is not compatible with normal regex lib.
my_regex.h:
  Rename: regex/regex.h -> regex/my_regex.h
2005-09-29 02:08:24 +02:00
bar@mysql.com
c735aaebfc Bugs: #7111: server crashes when regexp is used 2004-12-09 15:56:19 +04:00
monty@mishka.local
04c23808a8 Review of all code pushed since last review
Simple optimizations and cleanups
Removed compiler warnings and fixed portability issues
Added client functions 'mysql_embedded()' to allow client to check if we are using embedded server
Fixes for purify
2004-10-20 01:28:42 +03:00
lenz@mysql.com
9d788778a0 - compile fix for regex/regcomp.c spotted on Mac OS X
(too few arguments)
2004-06-15 12:58:58 +02:00
monty@mysql.com
75dda82526 Removed compiler warning
Changed _XXX to _MY_XXX to solve conflict problem on Mac OS X
2004-03-18 14:53:38 +02:00
bar@bar.mysql.r18.ru
52bb4efcdd regexp worked only with the default character set.
Now it can work with any character set.
2003-09-24 13:57:26 +05:00
bar@bar.mysql.r18.ru
08129eea2b Reorganization to restore generating charset C files from conf files 2003-01-29 15:08:09 +04:00
bar@gw.udmsearch.izhnet.ru
2eed406550 Regex library is switched to use new ctype tools
to allow usage of many character sets at a time.
2002-03-06 20:04:13 +04:00
monty@hundin.mysql.fi
1d26537da5 Query cache.
Remove some warnings
2001-12-02 14:34:01 +02:00
monty@hundin.mysql.fi
7cadc6e711 Changed to use my_global.h
Fixed problem with LIKE with latin1_de
Added parsing support of UNSIGNED LONG LONG
2001-09-14 02:54:33 +03:00
monty@tramp.mysql.fi
9f7c4563f7 First part of automatic repair of MyISAM tables.
Error on full disk on repair.
SIGHUP signal handling.
Update with keys on timestamp
Portability fixes
2000-10-03 14:18:03 +03:00
monty@donna.mysql.com
ea013c2152 Fixed for Ia64 + delayed key creation + a lot of small bug fixes 2000-08-15 20:09:37 +03:00
bk@work.mysql.com
f4c589ff6c Import changeset 2000-07-31 21:29:14 +02:00