Than original fix was in commit 192.2.1:
revno: 192.2.1
fixes bug(s): https://launchpad.net/bugs/856404
committer: Oleg Tsarev <email address hidden>
branch nick: query_cache_strip_comments
timestamp: Tue 2011-11-08 22:10:56 +0300
message:
This commit contain test and fix for buf #856404.
While I am allocating buffer for striped query I forgot about \0 in the end of query.
After that memory is corrupted.
@@ -108,7 +108,8 @@
+}
+void QueryStripComments::set(const char* query, uint query_length, uint additional_length)
+{
-+ uint new_buffer_length = query_length + additional_length;
++ /* Don't forget about \0 in the end of query */
++ uint new_buffer_length = query_length + 1 + additional_length;
+ if(new_buffer_length > buffer_length)
+ {
+ cleanup();
Without this I receive error "double free of curruption".
After correct allocation error go out.
Alexey,
Than original fix was in commit 192.2.1: /launchpad. net/bugs/ 856404 strip_comments
revno: 192.2.1
fixes bug(s): https:/
committer: Oleg Tsarev <email address hidden>
branch nick: query_cache_
timestamp: Tue 2011-11-08 22:10:56 +0300
message:
This commit contain test and fix for buf #856404.
While I am allocating buffer for striped query I forgot about \0 in the end of query.
After that memory is corrupted.
@@ -108,7 +108,8 @@ nts::set( const char* query, uint query_length, uint additional_length) buffer_ length > buffer_length)
+}
+void QueryStripComme
+{
-+ uint new_buffer_length = query_length + additional_length;
++ /* Don't forget about \0 in the end of query */
++ uint new_buffer_length = query_length + 1 + additional_length;
+ if(new_
+ {
+ cleanup();
Without this I receive error "double free of curruption".
After correct allocation error go out.
Do you need some another explanations?