Changeset: af9c3bed48b7 for MonetDB
URL: http://dev.monetdb.org/hg/MonetDB?cmd=changeset;node=af9c3bed48b7
Modified Files:
monetdb5/mal/mal_debugger.c
Branch: Jul2015
Log Message:
Avoid crash in debugger
If you called the mdb command
p1 4 b
(i.e. missing a space after 'p')
it could crash the server.
The intention to also directly access BATs by index
is dropped, as it is a security leak too.
diffs (21 lines):
diff --git a/monetdb5/mal/mal_debugger.c b/monetdb5/mal/mal_debugger.c
--- a/monetdb5/mal/mal_debugger.c
+++ b/monetdb5/mal/mal_debugger.c
@@ -823,16 +823,7 @@ retryRead:
i = findVariable(mb, b);
}
if (i < 0) {
- i = BBPindex(b);
- if (i != 0) {
- printBATelm(out, i, size, first);
- } else {
- i = atoi(b);
- if (i>-0 || *b == '0')
- printStackElm(out, mb, stk->stk
+ i, i, size, first);
- else
- mnstr_printf(out, "#%s Symbol
not found\n", "#mdb ");
- }
+ mnstr_printf(out, "#%s Symbol not found\n", b);
continue;
}
if (isaBatType(getVarType(mb, i)) && upper == 'p') {
_______________________________________________
checkin-list mailing list
checkin-list@monetdb.org
https://www.monetdb.org/mailman/listinfo/checkin-list
