Fixed length of codding of COM_MULTI parts.

sanja-byelkin · sanja-byelkin · commit 7b86fda0c9b6 · 2016-08-31T18:27:01.000+02:00
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
@@ -1476,22 +1476,25 @@ uint maria_multi_check(THD *thd, char *packet, uint packet_length)
   DBUG_ENTER("maria_multi_check");
   while (packet_length)
   {
+    char *packet_start= packet;
+    size_t subpacket_length= net_field_length((uchar **)&packet_start);
+    uint length_length= packet_start - packet;
     // length of command + 3 bytes where that length was stored
-    uint subpacket_length= (uint3korr(packet) + 3);
-    DBUG_PRINT("info", ("sub-packet length: %d  command: %x",
-                        subpacket_length, packet[3]));
+    DBUG_PRINT("info", ("sub-packet length: %ld + %d  command: %x",
+                        (ulong)subpacket_length, length_length,
+                        packet_start[3]));
 
-    if (subpacket_length == 3 ||
-        subpacket_length > packet_length)
+    if (subpacket_length == 0 ||
+        (subpacket_length + length_length) > packet_length)
     {
       my_message(ER_UNKNOWN_COM_ERROR, ER_THD(thd, ER_UNKNOWN_COM_ERROR),
                  MYF(0));
       DBUG_RETURN(0);
     }
 
     counter++;
-    packet+= subpacket_length;
-    packet_length-= subpacket_length;
+    packet= packet_start + subpacket_length;
+    packet_length-= (subpacket_length + length_length);
   }
   DBUG_RETURN(counter);
 }
@@ -2231,8 +2234,10 @@ bool dispatch_command(enum enum_server_command command, THD *thd,
       break;
 
     {
+      char *packet_start= packet;
       /* We have to store next length because it will be destroyed by '\0' */
-      uint next_subpacket_length= uint3korr(packet);
+      size_t next_subpacket_length= net_field_length((uchar **)&packet_start);
+      uint next_length_length= packet_start - packet;
       unsigned char *readbuff= net->buff;
 
       if (net_allocate_new_packet(net, thd, MYF(0)))
@@ -2246,22 +2251,28 @@ bool dispatch_command(enum enum_server_command command, THD *thd,
       while (packet_length)
       {
         current_com++;
-        uint subpacket_length= next_subpacket_length + 3;
+        size_t subpacket_length= next_subpacket_length + next_length_length;
+        uint length_length= next_length_length;
         if (subpacket_length < packet_length)
-          next_subpacket_length= uint3korr(packet + subpacket_length);
+        {
+          packet_start= packet + subpacket_length;
+          next_subpacket_length= net_field_length((uchar**)&packet_start);
+          next_length_length= packet_start - (packet + subpacket_length);
+        }
         /* safety like in do_command() */
         packet[subpacket_length]= '\0';
 
-        enum enum_server_command subcommand= fetch_command(thd, (packet + 3));
+        enum enum_server_command subcommand=
+          fetch_command(thd, (packet + length_length));
 
         if (server_command_flags[subcommand] & CF_NO_COM_MULTI)
         {
           my_error(ER_BAD_COMMAND_IN_MULTI, MYF(0), command_name[subcommand]);
           goto com_multi_end;
         }
 
-        if (dispatch_command(subcommand, thd, packet + (1 + 3),
-                             subpacket_length - (1 + 3), TRUE,
+        if (dispatch_command(subcommand, thd, packet + (1 + length_length),
+                             subpacket_length - (1 + length_length), TRUE,
                              (current_com != counter)))
         {
           DBUG_ASSERT(thd->is_error());
