[MDEV-11833] JSON functions don't seem to respect max_allowed_packet - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 10.2(EOL)
Fix Version/s: 10.2.5
Component/s: JSON
Labels:
None

Sprint:
10.2.5-1

Description

MariaDB [test]> \W

Show warnings enabled.

MariaDB [test]> set @a= json_quote(json_array(repeat('a',1024),repeat('a',1024))); select length(@a);

Query OK, 0 rows affected (0.00 sec)

+------------+

| length(@a) |

+------------+

|       2062 |

+------------+

1 row in set (0.00 sec)

MariaDB [test]> show variables like 'max_allowed_packet';

+--------------------+-------+

| Variable_name      | Value |

+--------------------+-------+

| max_allowed_packet | 1024  |

+--------------------+-------+

1 row in set (0.00 sec)

Similar behavior of other functions:

MariaDB [test]> select concat(repeat('a',1024),repeat('a',1024));

+-------------------------------------------+

| concat(repeat('a',1024),repeat('a',1024)) |

+-------------------------------------------+

| NULL                                      |

+-------------------------------------------+

1 row in set, 1 warning (0.00 sec)

Warning (Code 1301): Result of concat() was larger than max_allowed_packet (1024) - truncated

While this example looks artificial , it may cause serious stability issues in many scenarios on production (unintentionally, e.g. because of bug in client software or used by attacker to impact performance / stability) - so I put 'Major' priority here, but I am OK with 'Minor' priority if such is justified.

Attachments

Activity

Ascending order - Click to sort in descending order

Andrii Nikitin (Inactive) created issue - 2017-01-18 15:05

Elena Stepanova made changes - 2017-01-18 15:23

Field	Original Value	New Value
Description	MariaDB [test]> \W Show warnings enabled. MariaDB [test]> set @a= json_quote(json_array(repeat('a',1024),repeat('a',1024))); select length(@a); Query OK, 0 rows affected (0.00 sec) +------------+ \| length(@a) \| +------------+ \| 2062 \| +------------+ 1 row in set (0.00 sec) MariaDB [test]> show variables like 'max_allowed_packet'; +--------------------+-------+ \| Variable_name \| Value \| +--------------------+-------+ \| max_allowed_packet \| 1024 \| +--------------------+-------+ 1 row in set (0.00 sec) Similar behavior of other functions: MariaDB [test]> select concat(repeat('a',1024),repeat('a',1024)); +-------------------------------------------+ \| concat(repeat('a',1024),repeat('a',1024)) \| +-------------------------------------------+ \| NULL \| +-------------------------------------------+ 1 row in set, 1 warning (0.00 sec) Warning (Code 1301): Result of concat() was larger than max_allowed_packet (1024) - truncated While this example looks artificial , it may cause serious stability issues in many scenarios on production (unintentionally, e.g. because of bug in client software or used by attacker to impact performance / stability) - so I put 'Major' priority here, but I am OK with 'Minor' priority if such is justified.	{code:sql} MariaDB [test]> \W Show warnings enabled. MariaDB [test]> set @a= json_quote(json_array(repeat('a',1024),repeat('a',1024))); select length(@a); Query OK, 0 rows affected (0.00 sec) +------------+ \| length(@a) \| +------------+ \| 2062 \| +------------+ 1 row in set (0.00 sec) MariaDB [test]> show variables like 'max_allowed_packet'; +--------------------+-------+ \| Variable_name \| Value \| +--------------------+-------+ \| max_allowed_packet \| 1024 \| +--------------------+-------+ 1 row in set (0.00 sec) {code} Similar behavior of other functions: {code:sql} MariaDB [test]> select concat(repeat('a',1024),repeat('a',1024)); +-------------------------------------------+ \| concat(repeat('a',1024),repeat('a',1024)) \| +-------------------------------------------+ \| NULL \| +-------------------------------------------+ 1 row in set, 1 warning (0.00 sec) Warning (Code 1301): Result of concat() was larger than max_allowed_packet (1024) - truncated {code} While this example looks artificial , it may cause serious stability issues in many scenarios on production (unintentionally, e.g. because of bug in client software or used by attacker to impact performance / stability) - so I put 'Major' priority here, but I am OK with 'Minor' priority if such is justified.

Elena Stepanova made changes - 2017-01-18 15:24

Fix Version/s

10.2 [ 14601 ]

Elena Stepanova added a comment - 2017-01-18 15:30 - edited

I don't think the example is exceedingly artificial. In reality, JSON texts can probably be quite long, so they can exceed max_allowed_packet.
In MySQL it works as expected:

MySQL 5.7
MySQL [test]> select json_quote(json_array(repeat('a',1024),repeat('a',1024)));
+-----------------------------------------------------------+
\| json_quote(json_array(repeat('a',1024),repeat('a',1024))) \|
+-----------------------------------------------------------+
\| NULL \|
+-----------------------------------------------------------+
1 row in set, 1 warning (0.00 sec)

MySQL [test]> show warnings;
+---------+------+------------------------------------------------------------------------------+
\| Level \| Code \| Message \|
+---------+------+------------------------------------------------------------------------------+
\| Warning \| 1301 \| Result of json_array() was larger than max_allowed_packet (1024) - truncated \|
+---------+------+------------------------------------------------------------------------------+
1 row in set (0.00 sec)

MySQL [test]> select @@version;
+--------------+
\| @@version \|
+--------------+
\| 5.7.17-debug \|
+--------------+
1 row in set (0.00 sec)

Elena Stepanova added a comment - 2017-01-18 15:30 - edited I don't think the example is exceedingly artificial. In reality, JSON texts can probably be quite long, so they can exceed max_allowed_packet . In MySQL it works as expected: MySQL 5.7 MySQL [test]> select json_quote(json_array(repeat( 'a' ,1024),repeat( 'a' ,1024))); + -----------------------------------------------------------+ | json_quote(json_array(repeat( 'a' ,1024),repeat( 'a' ,1024))) | + -----------------------------------------------------------+ | NULL | + -----------------------------------------------------------+ 1 row in set , 1 warning (0.00 sec) MySQL [test]> show warnings; + ---------+------+------------------------------------------------------------------------------+ | Level | Code | Message | + ---------+------+------------------------------------------------------------------------------+ | Warning | 1301 | Result of json_array() was larger than max_allowed_packet (1024) - truncated | + ---------+------+------------------------------------------------------------------------------+ 1 row in set (0.00 sec) MySQL [test]> select @@version; + --------------+ | @@version | + --------------+ | 5.7.17-debug | + --------------+ 1 row in set (0.00 sec)

Rasmus Johansson (Inactive) made changes - 2017-03-09 10:45

Sprint

10.2.5-1 [ 144 ]

Rasmus Johansson (Inactive) made changes - 2017-03-09 10:45

Rank

Ranked lower

Alexey Botchkov made changes - 2017-03-14 13:00

Status

Open [ 1 ]

In Progress [ 3 ]

Alexey Botchkov added a comment - 2017-03-14 13:51

http://lists.askmonty.org/pipermail/commits/2017-March/010858.html

Alexey Botchkov added a comment - 2017-03-14 13:51 http://lists.askmonty.org/pipermail/commits/2017-March/010858.html

Alexey Botchkov made changes - 2017-03-14 13:51

issue.field.resolutiondate

2017-03-14 13:51:00.0

2017-03-14 13:51:00.361

Alexey Botchkov made changes - 2017-03-14 13:51

Fix Version/s		10.2.4 [ 22116 ]
Fix Version/s	10.2 [ 14601 ]
Resolution		Fixed [ 1 ]
Status	In Progress [ 3 ]	Closed [ 6 ]

Rasmus Johansson (Inactive) made changes - 2017-03-15 08:32

Fix Version/s		10.2.5 [ 22117 ]
Fix Version/s	10.2.4 [ 22116 ]

Sergei Golubchik made changes - 2021-12-06 21:44

Workflow

MariaDB v3 [ 79261 ]

MariaDB v4 [ 151554 ]

People

Assignee:: Alexey Botchkov

Reporter:: Andrii Nikitin (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2017-01-18 15:05

Updated:: 2017-03-15 08:32

Resolved:: 2017-03-14 13:51

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server