[MDEV-4252] geometry query crashes server

Created: 2013-03-05
Updated: 2014-03-17
Due: 2013-03-08
Resolved: 2013-03-06

Status: Closed
Project: MariaDB Server
Component/s: None
Affects Version/s: 5.5.29, 5.1.67, 5.2.14, 5.3.12
Fix Version/s: 5.5.30, 5.1.73, 5.2.15, 5.3.13

Type: Bug
Priority: Major
Reporter: Alexey Botchkov
Assignee: Alexey Botchkov
Resolution: Fixed
Votes: 0
Labels: upstream
Environment: any

Description

Run this, for instance:
select astext(0x0100000000030000000100000000000010);



Comments
Comment by Alexey Botchkov [ 2013-03-06 ]

patch proposal:
http://lists.askmonty.org/pipermail/commits/2013-March/004371.html

Comment by Sergei Golubchik [ 2013-03-07 ]

reported upstream

Comment by Sergei Golubchik [ 2013-03-07 ]

Please fix it in 5.1 too. Thanks!

Comment by Alyssa Milburn [ 2013-03-15 ]

The overflow vulnerabilities aren't all fixed by this patch. The mbr functions still look problematic, for example. Try the obvious example:

select envelope(0x0100000000030000000100000000000010);

Comment by Alexey Botchkov [ 2013-03-18 ]

Fixed.
Also fixes queries like
select geometryn(0x0100000000070000000100000001030000000200000000000000ffff0000, 1)
and
select geometryn(0x0100000000070000000100000001030000000200000000000000ffffff0f, 1)

the patch:
http://lists.askmonty.org/pipermail/commits/2013-March/004447.html
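
Added example, not part of the ticket or of either patch: a C check for declared point counts, run on the blob from the astext()/envelope() queries above. It assumes the blob is read as a 4-byte SRID, a byte-order byte, a 4-byte type and a polygon body with 16-byte points; every function name here is hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define POINT_SIZE 16u /* one 2D point: two 8-byte doubles */
#define HDR_SIZE 9u    /* assumed layout: SRID(4) + byte order(1) + type(4) */

/* Little-endian uint32; the caller guarantees 4 readable bytes. */
static uint32_t rd32(const uint8_t *p) {
    return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Wrapping check: for n = 0x10000000 the 32-bit product n * 16 is 0. */
static int naive_points_fit(uint32_t n, uint32_t remaining) {
    return (uint32_t)(n * POINT_SIZE) <= remaining;
}
/* Overflow-safe check: divide the space, never multiply the count. */
static int safe_points_fit(uint32_t n, size_t remaining) {
    return n <= remaining / POINT_SIZE;
}

/* Polygon body = ring count, then per ring a point count and its points.
   Returns 0 when every declared count fits in len bytes, -1 otherwise. */
static int check_polygon_body(const uint8_t *p, size_t len) {
    if (len < 4) return -1;
    uint32_t rings = rd32(p);
    p += 4; len -= 4;
    while (rings--) {
        if (len < 4) return -1;
        uint32_t n = rd32(p);
        p += 4; len -= 4;
        if (!safe_points_fit(n, len)) return -1;
        p += (size_t)n * POINT_SIZE; len -= (size_t)n * POINT_SIZE;
    }
    return 0;
}

/* The argument of the ticket's astext()/envelope() queries. */
static const uint8_t ticket_blob[] = { 0x01,0,0,0, 0x00, 0x03,0,0,0,
                                       0x01,0,0,0, 0x00,0x00,0x00,0x10 };
/* Constructed valid body: 1 ring, 1 point at (0, 0). */
static const uint8_t good_body[24] = { 0x01,0,0,0, 0x01,0,0,0 };

int main(void) {
    const uint8_t *body = ticket_blob + HDR_SIZE;
    printf("naive=%d safe=%d good=%d\n", naive_points_fit(rd32(body + 4), 0),
           check_polygon_body(body, sizeof ticket_blob - HDR_SIZE),
           check_polygon_body(good_body, sizeof good_body));
    return 0;
}
```

The blob declares 0x10000000 points with no bytes left after the count, so the multiplying check accepts it and the dividing check rejects it.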
