summaryrefslogtreecommitdiffstats
path: root/patches/source/mysql/mysql.CVE-2014-0001.diff
blob: 01a845e80d1aaf02bbcee3bfc344cf66daa1b4c8 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11

--- ./client/mysql.cc.orig	2013-11-04 12:52:27.000000000 -0600
+++ ./client/mysql.cc	2014-02-18 22:24:32.928195436 -0600
@@ -1167,7 +1167,7 @@
 
   put_info("Welcome to the MySQL monitor.  Commands end with ; or \\g.",
 	   INFO_INFO);
-  sprintf((char*) glob_buffer.ptr(),
+  snprintf((char*) glob_buffer.ptr(), glob_buffer.alloced_length(),
 	  "Your MySQL connection id is %lu\nServer version: %s\n",
 	  mysql_thread_id(&mysql), server_version_string(&mysql));
   put_info((char*) glob_buffer.ptr(),INFO_INFO);
generated by cgit v1.2.3 (git 2.26.2) at 2024-04-27 19:14:59 +0000