summaryrefslogtreecommitdiff
path: root/patches/source/mysql/mysql.CVE-2014-0001.diff
diff options
context:
space:
mode:
Diffstat (limited to 'patches/source/mysql/mysql.CVE-2014-0001.diff')
-rw-r--r--patches/source/mysql/mysql.CVE-2014-0001.diff11
1 files changed, 11 insertions, 0 deletions
diff --git a/patches/source/mysql/mysql.CVE-2014-0001.diff b/patches/source/mysql/mysql.CVE-2014-0001.diff
new file mode 100644
index 00000000..818fae75
--- /dev/null
+++ b/patches/source/mysql/mysql.CVE-2014-0001.diff
@@ -0,0 +1,11 @@
+--- ./client/mysql.cc.orig 2012-03-02 08:04:08.000000000 -0600
++++ ./client/mysql.cc 2014-02-18 22:20:30.420177939 -0600
+@@ -1157,7 +1157,7 @@
+
+ put_info("Welcome to the MySQL monitor. Commands end with ; or \\g.",
+ INFO_INFO);
+- sprintf((char*) glob_buffer.ptr(),
++ snprintf((char*) glob_buffer.ptr(), glob_buffer.alloced_length(),
+ "Your MySQL connection id is %lu\nServer version: %s\n",
+ mysql_thread_id(&mysql), server_version_string(&mysql));
+ put_info((char*) glob_buffer.ptr(),INFO_INFO);
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-01 02:29:25 +0000