[CONCPP-14] Heap buffer overflow found with ASAN - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.9.3
Component/s: General
Labels:
None

Description

When running the test suite via ASAN we see this:

==215356==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x603000055734 at pc 0x7f72b240a87d bp 0x7ffed27a03d0 sp 0x7ffed27a03c0

READ of size 4 at 0x603000055734 thread T0

    #0 0x7f72b240a87c in store_param /home/linuxjedi/Programming/Git/mariadb-connector-cpp/libmariadb/libmariadb/mariadb_stmt.c:616

    #1 0x7f72b240bfb6 in mysql_stmt_execute_generate_simple_request /home/linuxjedi/Programming/Git/mariadb-connector-cpp/libmariadb/libmariadb/mariadb_stmt.c:824

    #2 0x7f72b241a366 in mysql_stmt_execute /home/linuxjedi/Programming/Git/mariadb-connector-cpp/libmariadb/libmariadb/mariadb_stmt.c:2052

    #3 0x7f72b28498d9 in sql::mariadb::capi::QueryProtocol::executePreparedQuery(bool, sql::mariadb::ServerPrepareResult*, std::shared_ptr<sql::mariadb::Results>&, std::vector<std::shared_ptr<sql::mariadb::ParameterHolder>, std::allocator<std::shared_ptr<sql::mariadb::ParameterHolder> > >&) /home/linuxjedi/Programming/Git/mariadb-connector-cpp/src/protocol/capi/QueryProtocol.cpp:991

    #4 0x7f72b28fdaf3 in sql::mariadb::ServerSidePreparedStatement::executeInternal(int) /home/linuxjedi/Programming/Git/mariadb-connector-cpp/src/ServerSidePreparedStatement.cpp:402

    #5 0x7f72b28e0aeb in sql::mariadb::BasePrepareStatement::execute() /home/linuxjedi/Programming/Git/mariadb-connector-cpp/src/BasePrepareStatement.cpp:1420

    #6 0x43d705 in test_prep_statement_0 /home/linuxjedi/Programming/Git/mariadb-connector-cpp/test/test_common.cpp:1673

    #7 0x45cea2 in run_tests(int, char const**) /home/linuxjedi/Programming/Git/mariadb-connector-cpp/test/test_common.cpp:3202

    #8 0x45e0d3 in main /home/linuxjedi/Programming/Git/mariadb-connector-cpp/test/driver_test.cpp:89

    #9 0x7f72b1ea3041 in __libc_start_main ../csu/libc-start.c:308

    #10 0x40d68d in _start (/home/linuxjedi/Programming/Git/mariadb-connector-cpp/test/driver_test+0x40d68d)

0x603000055734 is located 0 bytes to the right of 20-byte region [0x603000055720,0x603000055734)

allocated by thread T0 here:

    #0 0x7f72b2ba1067 in operator new(unsigned long) (/lib64/libasan.so.6+0xb2067)

    #1 0x7f72b2753e24 in void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char*>(char*, char*, std::forward_iterator_tag) /usr/include/c++/10/bits/basic_string.tcc:219

    #2 0x7f72b27f9e66 in sql::SQLString::SQLString(sql::SQLString const&) /home/linuxjedi/Programming/Git/mariadb-connector-cpp/src/SQLString.cpp:33

    #3 0x7f72b2911ee1 in sql::mariadb::TimestampParameter::TimestampParameter(sql::SQLString const&, sql::mariadb::TimeZone const*, bool) /home/linuxjedi/Programming/Git/mariadb-connector-cpp/src/parameters/TimestampParameter.cpp:38

    #4 0x7f72b28dfb5f in sql::mariadb::BasePrepareStatement::setDateTime(int, sql::SQLString const&) /home/linuxjedi/Programming/Git/mariadb-connector-cpp/src/BasePrepareStatement.cpp:570

    #5 0x43d67d in test_prep_statement_0 /home/linuxjedi/Programming/Git/mariadb-connector-cpp/test/test_common.cpp:1672

    #6 0x45cea2 in run_tests(int, char const**) /home/linuxjedi/Programming/Git/mariadb-connector-cpp/test/test_common.cpp:3202

    #7 0x45e0d3 in main /home/linuxjedi/Programming/Git/mariadb-connector-cpp/test/driver_test.cpp:89

    #8 0x7f72b1ea3041 in __libc_start_main ../csu/libc-start.c:308

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Andrew Hutchings (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2020-06-29 12:43

Updated:: 2020-07-27 12:22

Resolved:: 2020-07-26 11:35

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.