MDEV-5436 mysqld crash signal 11 in mysql_audit_general.

That error 'Can't open the pid file' leads to mysqld crash signal 11 in mysql_audit_general() called with the 'thd' parameter set to NULL. That wasn't checked when the thd->db and thd->db_length were accessed. Fixed by checking for the NULL thd.

MDEV-5436 mysqld crash signal 11 in mysql_audit_general.
That error 'Can't open the pid file' leads to mysqld crash signal 11 in mysql_audit_general() called with the 'thd' parameter set to NULL. That wasn't checked when the thd->db and thd->db_length were accessed. Fixed by checking for the NULL thd.
3f3a84f4 · Alexey Botchkov · 525c00c6 · 3f3a84f4 · 3f3a84f4
Commit 3f3a84f4 authored Feb 28, 2014 by Alexey Botchkov
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 4 deletions

sql/sql_audit.cc sql/sql_audit.cc +2 -2

sql/sql_audit.h sql/sql_audit.h +10 -2

No files found.
--- a/sql/sql_audit.cc
+++ b/sql/sql_audit.cc
@@ -84,7 +84,7 @@ static void general_class_handler(THD *thd, uint event_subtype, va_list ap)
  event.general_rows= (unsigned long long) va_arg(ap, ha_rows);
  event.database= va_arg(ap, const char *);
  event.database_length= va_arg(ap, unsigned int);
-  event.query_id= (unsigned long long) thd->query_id;
+  event.query_id= (unsigned long long) (thd ? thd->query_id : 0);
  event_class_dispatch(thd, MYSQL_AUDIT_GENERAL_CLASS, &event);
 }

@@ -134,7 +134,7 @@ static void table_class_handler(THD *thd, uint event_subclass, va_list ap)
  event.new_database_length= va_arg(ap, unsigned int);
  event.new_table= va_arg(ap, const char *);
  event.new_table_length= va_arg(ap, unsigned int);
-  event.query_id= (unsigned long long) thd->query_id;
+  event.query_id= (unsigned long long) (thd ? thd->query_id : 0);
  event_class_dispatch(thd, MYSQL_AUDIT_TABLE_CLASS, &event);
 }


--- a/sql/sql_audit.h
+++ b/sql/sql_audit.h
@@ -90,11 +90,13 @@ void mysql_audit_general_log(THD *thd, time_t time,
  {
    CHARSET_INFO *clientcs= thd ? thd->variables.character_set_client
                                : global_system_variables.character_set_client;
+    const char *db= thd ? thd->db : "";
+    size_t db_length= thd ? thd->db_length : 0;

    mysql_audit_notify(thd, MYSQL_AUDIT_GENERAL_CLASS, MYSQL_AUDIT_GENERAL_LOG,
                       0, time, user, userlen, cmd, cmdlen,
                       query, querylen, clientcs, (ha_rows) 0,
-                       thd->db, thd->db_length);
+                       db, db_length);
  }
 }

@@ -123,6 +125,8 @@ void mysql_audit_general(THD *thd, uint event_subtype,
    char user_buff[MAX_USER_HOST_SIZE];
    CSET_STRING query;
    ha_rows rows;
+    const char *db;
+    size_t db_length;

    if (thd)
    {
@@ -130,18 +134,22 @@ void mysql_audit_general(THD *thd, uint event_subtype,
      user= user_buff;
      userlen= make_user_name(thd, user_buff);
      rows= thd->warning_info->current_row_for_warning();
+      db= thd->db;
+      db_length= thd->db_length;
    }
    else
    {
      user= 0;
      userlen= 0;
      rows= 0;
+      db= "";
+      db_length= 0;
    }

    mysql_audit_notify(thd, MYSQL_AUDIT_GENERAL_CLASS, event_subtype,
                       error_code, time, user, userlen, msg, msglen,
                       query.str(), query.length(), query.charset(), rows,
-                       thd->db, thd->db_length);
+                       db, db_length);
  }
 }