[MDEV-6329] Buffer overrun in find_uniq_filename Created: 2014-06-11  Updated: 2014-06-22  Resolved: 2014-06-11

Status: Closed
Project: MariaDB Server
Component/s: None
Affects Version/s: 5.5.38, 10.0.11, 10.1.0
Fix Version/s: 5.5.39, 10.0.12, 10.1.0

Type: Bug Priority: Major
Reporter: Sergey Vojtovich Assignee: Sergey Vojtovich
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Relates
relates to MDEV-6039 WebScaleSQL patches Closed

 Description   

To reproduce this bug compile MariaDB with ASAN:
cmake -DWITH_ASAN=ON -DCMAKE_BUILD_TYPE=Debug -DMYSQL_MAINTAINER_MODE=ON

mtr test following.

find_uniq_filename.test

let $i= 918;
 
while ($i > 99)
 
{
 
  write_file $MYSQLTEST_VARDIR/mysqld.1/data/test/a_39_bytes_long_file_name_123456789.$i;
 
  EOF
 
  dec $i;
 
}
 
flush logs;

find_uniq_filename.opt

--log-bin=$MYSQLTEST_VARDIR/mysqld.1/data/test/longbinlog012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901

Originally fixed in WebScaleSQL: https://github.com/webscalesql/webscalesql-5.6/commit/bce9eddc1da87beab17c60d7eb7379841a3d45af.

 Comments   
Comment by Sergey Vojtovich [ 2014-06-11 ]

Sergei, please review fix for this bug.

Comment by Sergei Golubchik [ 2014-06-11 ]

ok to push

Comment by Sergey Vojtovich [ 2014-06-11 ]

Fixed in 5.5.39.

revno: 4216
 
revision-id: svoj@mariadb.org-20140611122320-heud294imkl1oli7
 
parent: elenst@montyprogram.com-20140610155327-imhlnvjs0yxg9xmk
 
committer: Sergey Vojtovich <svoj@mariadb.org>
 
branch nick: 5.5
 
timestamp: Wed 2014-06-11 16:23:20 +0400
 
message:
 
  MDEV-6329 - Buffer overrun in find_uniq_filename
 
 
 
  Merged WebScaleSQL fix:
 
  https://github.com/webscalesql/webscalesql-5.6/commit/bce9eddc1da87beab17c60d7eb7379841a3d45af

Generated at Thu Feb 08 07:11:04 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.