Commit bd41af86 authored by Dmitry Shulga's avatar Dmitry Shulga

Fixed bug #42496 - the server could crash on a debug assert after a failure

to write into a closed socket

sql/protocol.cc:
  Protocol::flush modified: set thd->main_da.can_overwrite_status= TRUE
  before call to net_flush() in order to prevent crash on assert in case
  of socket write failure, reset it to FALSE when net_flush() returned;
  Protocol::send_fields modified: return from method with error if call to
  my_net_write(), proto.write() or write_eof_packet() failed.
sql/sql_cache.cc:
  Query_cache::send_result_to_client modified: call to
  thd->main_da.disable_status() only if write to socket
  was successful.
sql/sql_cursor.cc:
  Materialized_cursor::fetch modified: leave method if call to
  result->send_data() failed.
sql/sql_prepare.cc:
  send_prep_stmt() modified: call to thd->main_da.disable_status()
  only if thd->protocol_text.send_fields() completed successfully.
parent 7ccbf9b8
...@@ -534,7 +534,11 @@ void Protocol::end_partial_result_set(THD *thd_arg) ...@@ -534,7 +534,11 @@ void Protocol::end_partial_result_set(THD *thd_arg)
bool Protocol::flush() bool Protocol::flush()
{ {
#ifndef EMBEDDED_LIBRARY #ifndef EMBEDDED_LIBRARY
return net_flush(&thd->net); bool error;
thd->main_da.can_overwrite_status= TRUE;
error= net_flush(&thd->net);
thd->main_da.can_overwrite_status= FALSE;
return error;
#else #else
return 0; return 0;
#endif #endif
...@@ -574,7 +578,8 @@ bool Protocol::send_fields(List<Item> *list, uint flags) ...@@ -574,7 +578,8 @@ bool Protocol::send_fields(List<Item> *list, uint flags)
if (flags & SEND_NUM_ROWS) if (flags & SEND_NUM_ROWS)
{ // Packet with number of elements { // Packet with number of elements
uchar *pos= net_store_length(buff, list->elements); uchar *pos= net_store_length(buff, list->elements);
(void) my_net_write(&thd->net, buff, (size_t) (pos-buff)); if (my_net_write(&thd->net, buff, (size_t) (pos-buff)))
DBUG_RETURN(1);
} }
#ifndef DBUG_OFF #ifndef DBUG_OFF
...@@ -698,7 +703,7 @@ bool Protocol::send_fields(List<Item> *list, uint flags) ...@@ -698,7 +703,7 @@ bool Protocol::send_fields(List<Item> *list, uint flags)
if (flags & SEND_DEFAULTS) if (flags & SEND_DEFAULTS)
item->send(&prot, &tmp); // Send default value item->send(&prot, &tmp); // Send default value
if (prot.write()) if (prot.write())
break; /* purecov: inspected */ DBUG_RETURN(1);
#ifndef DBUG_OFF #ifndef DBUG_OFF
field_types[count++]= field.type; field_types[count++]= field.type;
#endif #endif
...@@ -711,7 +716,9 @@ bool Protocol::send_fields(List<Item> *list, uint flags) ...@@ -711,7 +716,9 @@ bool Protocol::send_fields(List<Item> *list, uint flags)
to show that there is no cursor. to show that there is no cursor.
Send no warning information, as it will be sent at statement end. Send no warning information, as it will be sent at statement end.
*/ */
write_eof_packet(thd, &thd->net, thd->server_status, thd->total_warn_count); if (write_eof_packet(thd, &thd->net, thd->server_status,
thd->total_warn_count))
DBUG_RETURN(1);
} }
DBUG_RETURN(prepare_for_send(list)); DBUG_RETURN(prepare_for_send(list));
......
...@@ -1653,6 +1653,7 @@ def_week_frmt: %lu, in_trans: %d, autocommit: %d", ...@@ -1653,6 +1653,7 @@ def_week_frmt: %lu, in_trans: %d, autocommit: %d",
thd->limit_found_rows = query->found_rows(); thd->limit_found_rows = query->found_rows();
thd->status_var.last_query_cost= 0.0; thd->status_var.last_query_cost= 0.0;
if (!thd->main_da.is_set())
thd->main_da.disable_status(); thd->main_da.disable_status();
BLOCK_UNLOCK_RD(query_block); BLOCK_UNLOCK_RD(query_block);
......
...@@ -658,7 +658,12 @@ void Materialized_cursor::fetch(ulong num_rows) ...@@ -658,7 +658,12 @@ void Materialized_cursor::fetch(ulong num_rows)
if ((res= table->file->rnd_next(table->record[0]))) if ((res= table->file->rnd_next(table->record[0])))
break; break;
/* Send data only if the read was successful. */ /* Send data only if the read was successful. */
result->send_data(item_list); /*
If network write failed (i.e. due to a closed socked),
the error has already been set. Just return.
*/
if (result->send_data(item_list))
return;
} }
switch (res) { switch (res) {
......
...@@ -263,8 +263,11 @@ static bool send_prep_stmt(Prepared_statement *stmt, uint columns) ...@@ -263,8 +263,11 @@ static bool send_prep_stmt(Prepared_statement *stmt, uint columns)
&stmt->lex->param_list, &stmt->lex->param_list,
Protocol::SEND_EOF); Protocol::SEND_EOF);
} }
if (!error)
/* Flag that a response has already been sent */ /* Flag that a response has already been sent */
thd->main_da.disable_status(); thd->main_da.disable_status();
DBUG_RETURN(error); DBUG_RETURN(error);
} }
#else #else
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment