Uploaded image for project: 'MariaDB Connector/C'
  1. MariaDB Connector/C
  2. CONC-384

Incorrect packet when a connect attribute name or value is equal to or greater than 251.

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.8
    • Fix Version/s: 3.0.9
    • Labels:
      None

      Description

      get_store_length() in libmariadb/mariadb_lib.c returns incorrect value when the argument is between 251 and 16777215. So mysql->options.extension->connect_attrs_len is incorrect when a connect attribute name or value is equal to or greater than 251.

      The function must be fixed as follows:

      static size_t get_store_length(size_t length)
      		 
      {
      		 
        if (length < (size_t) L64(251))
      		 
          return 1;
      		 
        if (length < (size_t) L64(65536))
      		 
          return 3; // change from 2 to 3 ('\xfc' + 2-byte integer)
      		 
        if (length < (size_t) L64(16777216))
      		 
          return 4; // change from 3 to 4 ('\xfd' + 3-byte integer)
      		 
        return 9;
      		 
      }

        Attachments

          Activity

            People

            Assignee:
            georg Georg Richter
            Reporter:
            kubo Kubo Takehiro
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: