Commit bac33533 authored by Sujatha's avatar Sujatha

MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events

Problem:
========
SHOW BINLOG EVENTS FROM <pos> reports following ASAN error

AddressSanitizer: SEGV on unknown address
The signal is caused by a READ memory access.
User_var_log_event::User_var_log_event(char const*, unsigned int,
    Format_description_log_event const*)

Implemented part of upstream patch.
commit: mysql/mysql-server@a3a497ccf7ecacc900551fb1e47ea4078b45c351

Fix:
===
**Part8: added checks to avoid reading out of buffer limits**
parent 2187f1c2
...@@ -7957,6 +7957,11 @@ User_var_log_event(const char* buf, uint event_len, ...@@ -7957,6 +7957,11 @@ User_var_log_event(const char* buf, uint event_len,
we keep the flags set to UNDEF_F. we keep the flags set to UNDEF_F.
*/ */
uint bytes_read= ((val + val_len) - buf_start); uint bytes_read= ((val + val_len) - buf_start);
if (bytes_read > event_len)
{
error= true;
goto err;
}
if ((data_written - bytes_read) > 0) if ((data_written - bytes_read) > 0)
{ {
flags= (uint) *(buf + UV_VAL_IS_NULL + UV_VAL_TYPE_SIZE + flags= (uint) *(buf + UV_VAL_IS_NULL + UV_VAL_TYPE_SIZE +
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment