Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extract some of #3360 fixes to 10.6.x #3493

Open
wants to merge 1 commit into
base: 10.6
Choose a base branch
from
Open

Extract some of #3360 fixes to 10.6.x #3493

wants to merge 1 commit into from

Conversation

ParadoxV5
Copy link

@ParadoxV5 ParadoxV5 commented Sep 1, 2024
edited
Loading

  • The Jira issue number for this PR is: MDEV-21978
  • Sibling of Extract some of #3360 fixes to 10.5.x #3485
  • To clarify, my coding period for Google Summer of Code (GSoC) 2024 ended.
    While this code originates from my GSoC project, this publication (i.e., commit and PR descriptions) isn’t.

Description

#3360 uncovered countless potential minor security vulnerabilities on my_snprintf uses.
This commit ports a squashed subset of their fixes according to the bug-fixing process to 10.6, covering cases that weren’t applicable for 10.5 (#3485).
(My GSoC mentor said that they aren’t much of a problem and I can open a PR normally.)

Similar to #3485, I haven’t changed size_ts from %d to %u and haven’t searched issues obsolete in 11.6.

Release Notes

Nothing either?

  • Fixed data size mismatches that were garbling outputs (or possibly even crashes) on problematic platforms – mostly on error messages and debug logs

How can this PR be tested?

I’m not certain how we could catch these human errors besides testing #3360 (MDEV-21978) and syncing this PR with it.

Basing the PR against the correct MariaDB version

  • This is a new feature or a refactoring, and the PR is based against the main branch.
  • This is a bug fix, and the PR is based against the earliest maintained branch in which the bug can be reproduced.

PR quality check

  • I checked the CODING_STANDARDS.md file and my PR conforms to this where appropriate.
  • For any trivial modifications to the PR, I am ok with the reviewer making the changes themselves.

@ParadoxV5
Extract some of MariaDB#3360 fixes to 10.6.x
9221411 
That PR uncovered countless issues on `my_snprintf` uses.
This commit backports a squashed subset of their fixes (excludes MariaDB#3485).
@ParadoxV5 ParadoxV5 mentioned this pull request Sep 1, 2024
Open
3 tasks
ParadoxV5 added a commit to ParadoxV5/MariaDB-server that referenced this pull request Sep 13, 2024
@ParadoxV5
Extract some of MariaDB#3360 fixes to 10.11.x
1d926b4 
That PR uncovered countless issues on `my_snprintf` uses.
This commit backports a squashed subset of their fixes.
(Excludes previous parts MariaDB#3485 and MariaDB#3493)
@ParadoxV5 ParadoxV5 mentioned this pull request Sep 13, 2024
Open
3 tasks
ParadoxV5 added a commit to ParadoxV5/MariaDB-server that referenced this pull request Sep 14, 2024
@ParadoxV5
Extract some of MariaDB#3360 fixes to 10.11.x
b8e182e 
That PR uncovered countless issues on `my_snprintf` uses.
This commit backports a squashed subset of their fixes.
(Excludes previous parts MariaDB#3485 and MariaDB#3493)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@ParadoxV5