off-by-one error in count_params

--gKMricLos+KVdGMg
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

We've been vetting DBD-mysql 4.014 for production use and have found a
small off-by-one error in count_params when using C-style comments.
The bug is that the character after the closing '*/' gets ignored. If
the comment close characters happen to appear at the end of the query
string, this results in the routine looking through randomly allocated
memory up to the next NUL (or triggering a SEGV, if one hits brk).

Patch against GitHub sources attached.

--gKMricLos+KVdGMg
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="count_params.patch"

diff --git a/dbdimp.c b/dbdimp.c
index e473a77..f672a3d 100755
--- a/dbdimp.c
+++ b/dbdimp.c
@@ -135,7 +135,6 @@ count_params(char *statement)
/* alas, end of comment */
if (c == '/')
{
- ptr++;
comment_end= true;
break;
}


--gKMricLos+KVdGMg
Content-Type: text/plain; charset=us-ascii


--
MySQL Perl Mailing List
For list archives: http://lists.mysql.com/perl
To unsubscribe: http://lists.mysql.com/perl?unsub=gcdmp-msql-mysql-modules@m .gmane.org
--gKMricLos+KVdGMg--