• Magne Mahre's avatar
    Bug#48053 String::c_ptr has a race and/or does an invalid · f2a42aee
    Magne Mahre authored
              memory reference
    
    There are two issues present here.
      1) There is a possibility that we test a byte beyond the
         allocated buffer
    
      2) We compare a byte that might never have been
         initalized to see if it's 0.
    
    The first issue is not triggered by existing code, but an
    ASSERT has been added to safe-guard against introducing
    new code that triggers it.
    
    The second issue is what triggers the Valgrind warnings
    reported in the bug report. A buffer is allocated in
    class String to hold the value. This buffer is populated
    by the character data constituting the string, but is not
    zero-terminated in most cases.  Testing if it is indeed
    zero-terminated means that we check a byte that has never
    been explicitly set, thus causing Valgrind to trigger.
    
    Note that issue 2 is not a serious problem.  The variable
    is read, and if it's not zero, we will set it to zero.
    There are no further consequences.
    
    Note that this patch does not fix the underlying problems
    with issue 1, as it is deemed too risky to fix at this
    point (as noted in the bug report).  As discussed in
    the report, the c_ptr() method should probably be
    replaced, but this requires a thorough analysis of the
    ~200 calls to the method.
    f2a42aee
sql_string.h 12.1 KB