[CONC-657] mariadb_rpl_fetch() crashes when extra_data is present - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Affects Version/s: 3.3.5
Fix Version/s: 3.3.6
Component/s: Replication/Binlog API
Labels:
None
Environment:
Windows / Linux, MySQL 8

Description

This bug occurs when mariadb_rpl_fetch() reads a Rows event that contains extra_data. This occurs, for example, in MySQL 8, if the table is partitioned by range.

This code is wrong and leads to a crash:

if (rpl_event->event.rows.extra_data_size - 2 > 0) {

rpl_set_string_and_len(rpl_event->event.rows.extra_data, ev, rpl_event-
>event.rows.extra_data_size - 2);

ev+= rpl_event->event.rows.extra_data_size;

}

The correct code should be something like this:

if (rpl_event->event.rows.extra_data_size - 2 > 0) {

rpl_alloc_set_string_and_len(...);

ev += (rpl_event->event.rows.extra_data_size - 2);

}

Attachments

Activity

People

Assignee:: Georg Richter

Reporter:: Sruli Ganor

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2023-07-16 08:45

Updated:: 2024-03-22 14:35

Resolved:: 2023-07-21 11:45

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.