mirror of
https://github.com/diesel-rs/diesel.git
synced 2024-10-04 17:47:17 +03:00
Fix buffer overrun issue with MySQL
`Vec::reserve` ensures that `self.capacity() >= self.len() + additional`, not `self.capacity() >= original_capacity + additional`. If we don't set the length before this call, we aren't necessarily actually allocating to be the size we want to be, and risk a buffer overrun.
This commit is contained in:
parent
08df5fa363
commit
a32afd94b5
@ -155,6 +155,7 @@ impl BindData {
|
||||
|
||||
debug_assert!(truncated_amount > 0, "output buffers were invalidated \
|
||||
without calling `mysql_stmt_bind_result`");
|
||||
self.bytes.set_len(offset);
|
||||
self.bytes.reserve(truncated_amount);
|
||||
self.bytes.set_len(self.length as usize);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user