From c1c0617995162178ff020fb47a0d998ba7198968 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Canna=C3=B2?=
Date: Mon, 14 Jan 2019 17:58:39 +1100
Subject: [PATCH] Wrong decoding causes crash #1350

Wrong decoding in MySQL protocol for field bigger than 16MB causes crash. The only code path affected by this seems to be reading parameters from prepared statements.
---
 include/proxysql_macros.h | 3 ---
 lib/MySQL_Protocol.cpp | 6 ++++++
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/include/proxysql_macros.h b/include/proxysql_macros.h
index 53f3ab2b77..d7090b1c61 100644
--- a/include/proxysql_macros.h
+++ b/include/proxysql_macros.h
@@ -42,9 +42,6 @@
 // copy 4 bytes
 #define CPY4(x) *((uint32_t *)x)
 
-// copy 8 bytes
-#define CPY8(x) *((uint64_t *)x)
-
 // (un)set blocking mode on a file descriptor
 #define ioctl_FIONBIO(fd, mode) \
 { \
diff --git a/lib/MySQL_Protocol.cpp b/lib/MySQL_Protocol.cpp
index 86f6e0856a..80e4e478b8 100644
--- a/lib/MySQL_Protocol.cpp
+++ b/lib/MySQL_Protocol.cpp
@@ -215,6 +215,12 @@ unsigned int CPY3(unsigned char *ptr) {
 return buf.i;
 }
 
+uint64_t CPY8(unsigned char *ptr) {
+ uint64_t buf;
+ memcpy(&buf,ptr,sizeof(uint64_t));
+ return buf;
+}
+
 // see http://dev.mysql.com/doc/internals/en/integer.html#packet-Protocol::LengthEncodedInteger
 /* arguments to pass:
 * pointer to the field
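Review bot: `CPY8` in lib/MySQL_Protocol.cpp reads `sizeof(uint64_t)` bytes from `ptr` but takes no length, so nothing in the function prevents a read past the end of a short packet; the remaining-length check has to live in every caller, and this hunk does not show one. I would state that contract above the function, e.g. `// caller must ensure 8 readable bytes at ptr; value is returned in host byte order`, and declare the parameter as `const unsigned char *ptr` since the buffer is only read. Separately, the removed macro `*((uint64_t *)x)` did not parenthesize `x`, so an argument such as `p+1` would be cast before the addition; if that was the decoding fault, the `CPY4` macro left in include/proxysql_macros.h has the same form and could become `#define CPY4(x) (*((uint32_t *)(x)))`.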