From 42501173084f8a085a5cab38cb7d19ada8a96739 Mon Sep 17 00:00:00 2001 From: mithun Date: Tue, 10 Sep 2013 15:32:27 +0530 Subject: [PATCH] Bug #16978278 : BUFFER OVERFLOW WHEN PRINTING A LARGE 64-BIT INTEGER WITH MY_B_VPRINTF() Issue : In LP 64 machine max long value can be 20 digit decimal value. But in my_b_vprintf() the intermediate buffer storage used is 17 bytes length. This will lead to buffer overflow. Solution : Increased the buffer storage from 17 to 32 bytes. code is backported from 5.6 mysys/mf_iocache2.c: In function my_b_vprintf increased the size of local buff from 17 to 32 bytes. --- mysys/mf_iocache2.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysys/mf_iocache2.c b/mysys/mf_iocache2.c index eaa70782f16..f65ca97bd16 100644 --- a/mysys/mf_iocache2.c +++ b/mysys/mf_iocache2.c @@ -415,7 +415,7 @@ process_flags: { register int iarg; size_t length2; - char buff[17]; + char buff[32]; iarg = va_arg(args, int); if (*fmt == 'd') @@ -450,7 +450,7 @@ process_flags: { register long iarg; size_t length2; - char buff[17]; + char buff[32]; iarg = va_arg(args, long); if (*++fmt == 'd')