Commit 0b1540ea authored by unknown's avatar unknown
Browse files

Bug#18310 Server compiled with yassl crash 

 - Add protection so that 'show_ssl_get_cipher_list' does not write after end of "buff"


sql/mysqld.cc:
  Add check to not write after the end of "buff" when listing the available ciphers
parent 8505322d

sql/mysqld.cc

+4 −2
Original line number Diff line number Diff line
@@ -6600,9 +6600,11 @@ static int show_ssl_get_cipher_list(THD *thd, SHOW_VAR *var, char *buff) 
  {

    int i;

    const char *p;

    for (i=0 ; (p= SSL_get_cipher_list((SSL*) thd->net.vio->ssl_arg,i)); i++)

    char *end= buff + SHOW_VAR_FUNC_BUFF_SIZE;

    for (i=0; (p= SSL_get_cipher_list((SSL*) thd->net.vio->ssl_arg,i)) &&

               buff < end; i++)

    {

      buff= strmov(buff, p);

      buff= strnmov(buff, p, end-buff-1);

      *buff++= ':';

    }

    if (i)