[EMAIL PROTECTED] writes:
> The problem occurs in the function my_strdup() in an repnz scans ... stuff.If
>you give a input of more than 82 characters to mysql client as the database name the
>client will overflow. This is not a big problem since it isn't setuid.
> hmm... mysql -u user -phmm `perl -e 'print Ax100'`
> fix the my_strdup function shit stuff
>
> >Submitter-Id: <submitter ID>
> >Originator:Renato F. Lima
> >Organization: Cimcorp Telnet
> >MySQL support: none
> >Synopsis: A little overflow
> >Severity:non-critical with no setuid(the default)
> >Priority: low
> >Category: mysql
> >Class: sw-bug
> >Release: mysql-3.22.32 (Source distribution)
>
> >Environment:
>
> System: FreeBSD chronoz.telnet.com.br 4.1.1-RELEASE FreeBSD 4.1.1-RELEASE #2: Sun
>Jun 17 23:06:35 BRT 2001 [EMAIL PROTECTED]:/usr/src/sys/compile/MYKERNEL
> i386
>
>
> Some paths: /usr/bin/perl /usr/bin/make /usr/local/bin/gmake /usr/bin/gcc
>/usr/bin/cc
> GCC: Using builtin specs.
> gcc version 2.95.2 19991024 (release)
> Compilation info: CC='gcc' CFLAGS='' CXX='gcc' CXXFLAGS='' LDFLAGS=''
> Configure command: ./configure --with-unix-socket-path=/var/tmp/mysql.sock
>--with-low-memory --with-mit-threads=yes
> Perl: This is perl, version 5.005_03 built for i386-freebsd
Hi!
This function has been replaced since.
--
Regards,
__ ___ ___ ____ __
/ |/ /_ __/ __/ __ \/ / Mr. Sinisa Milivojevic <[EMAIL PROTECTED]>
/ /|_/ / // /\ \/ /_/ / /__ MySQL AB, FullTime Developer
/_/ /_/\_, /___/\___\_\___/ Larnaca, Cyprus
<___/ www.mysql.com
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
