Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 136053 Details for
Bug 198988
dev-db/mysql < 5.0.44-r2 dev-db/mysql-community InnoDB "CONTAINS" DoS (CVE-2007-5925)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
described patch
convert_search_mode_to_innobase.diff (text/plain), 3.35 KB, created by
Lukas Kuzmiak
on 2007-11-15 16:28:02 UTC
(
hide
)
Description:
described patch
Filename:
MIME Type:
Creator:
Lukas Kuzmiak
Created:
2007-11-15 16:28:02 UTC
Size:
3.35 KB
patch
obsolete
>diff -ru innobase/include/db0err.h.orig innobase/include/db0err.h >--- innobase/include/db0err.h.orig 2007-07-04 16:06:59.000000000 +0300 >+++ innobase/include/db0err.h 2007-11-15 10:23:51.000000000 +0200 >@@ -57,6 +57,18 @@ > buffer pool (for big transactions, > InnoDB stores the lock structs in the > buffer pool) */ >+#define DB_FOREIGN_DUPLICATE_KEY 46 /* foreign key constraints >+ activated by the operation would >+ lead to a duplicate key in some >+ table */ >+#define DB_TOO_MANY_CONCURRENT_TRXS 47 /* when InnoDB runs out of the >+ preconfigured undo slots, this can >+ only happen when there are too many >+ concurrent transactions */ >+#define DB_UNSUPPORTED 48 /* when InnoDB sees any artefact or >+ a feature that it can't recoginize or >+ work with e.g., FT indexes created by >+ a later version of the engine. */ > > /* The following are partial failure codes */ > #define DB_FAIL 1000 >diff -ru innobase/include/page0cur.h.orig innobase/include/page0cur.h >--- innobase/include/page0cur.h.orig 2007-07-04 16:06:10.000000000 +0300 >+++ innobase/include/page0cur.h 2007-11-15 10:23:51.000000000 +0200 >@@ -22,6 +22,7 @@ > > /* Page cursor search modes; the values must be in this order! */ > >+#define PAGE_CUR_UNSUPP 0 > #define PAGE_CUR_G 1 > #define PAGE_CUR_GE 2 > #define PAGE_CUR_L 3 >diff -ru sql/ha_innodb.cc.orig sql/ha_innodb.cc >--- sql/ha_innodb.cc.orig 2007-07-04 16:06:48.000000000 +0300 >+++ sql/ha_innodb.cc 2007-11-15 10:25:55.000000000 +0200 >@@ -526,6 +526,9 @@ > } > > return(HA_ERR_LOCK_TABLE_FULL); >+ } else if (error == DB_UNSUPPORTED) { >+ >+ return(HA_ERR_UNSUPPORTED); > } else { > return(-1); // Unknown error > } >@@ -3689,11 +3692,21 @@ > and comparison of non-latin1 char type fields in > innobase_mysql_cmp() to get PAGE_CUR_LE_OR_EXTENDS to > work correctly. */ >- >- default: assert(0); >+ case HA_READ_MBR_CONTAIN: >+ case HA_READ_MBR_INTERSECT: >+ case HA_READ_MBR_WITHIN: >+ case HA_READ_MBR_DISJOINT: >+ my_error(ER_TABLE_CANT_HANDLE_SPKEYS, MYF(0)); >+ return(PAGE_CUR_UNSUPP); >+ /* do not use "default:" in order to produce a gcc warning: >+ enumeration value '...' not handled in switch >+ (if -Wswitch or -Wall is used) >+ */ > } > >- return(0); >+ my_error(ER_CHECK_NOT_IMPLEMENTED, MYF(0), "this functionality"); >+ >+ return(PAGE_CUR_UNSUPP); > } > > /* >@@ -3831,11 +3844,18 @@ > > last_match_mode = (uint) match_mode; > >- innodb_srv_conc_enter_innodb(prebuilt->trx); >+ if (mode != PAGE_CUR_UNSUPP) { > >- ret = row_search_for_mysql((byte*) buf, mode, prebuilt, match_mode, 0); >+ innodb_srv_conc_enter_innodb(prebuilt->trx); > >- innodb_srv_conc_exit_innodb(prebuilt->trx); >+ ret = row_search_for_mysql((byte*) buf, mode, prebuilt, >+ match_mode, 0); >+ >+ innodb_srv_conc_exit_innodb(prebuilt->trx); >+ } else { >+ >+ ret = DB_UNSUPPORTED; >+ } > > if (ret == DB_SUCCESS) { > error = 0; >@@ -5150,8 +5170,16 @@ > mode2 = convert_search_mode_to_innobase(max_key ? max_key->flag : > HA_READ_KEY_EXACT); > >- n_rows = btr_estimate_n_rows_in_range(index, range_start, >- mode1, range_end, mode2); >+ if (mode1 != PAGE_CUR_UNSUPP && mode2 != PAGE_CUR_UNSUPP) { >+ >+ n_rows = btr_estimate_n_rows_in_range(index, range_start, >+ mode1, range_end, >+ mode2); >+ } else { >+ >+ n_rows = 0; >+ } >+ > dtuple_free_for_mysql(heap1); > dtuple_free_for_mysql(heap2); >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 198988
:
136052
| 136053