Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.2.2, 10.3.0, 10.4.0, 10.5.0
Description
After the function page_zip_fields_decode() has assigned index=NULL to signal a corruption of a ROW_FORMAT=COMPRESSED page, it could dereference that pointer before returning.
In MariaDB Server 10.2, this only affects SPATIAL INDEX. Starting with the 10.3 version, this affects all indexes, due to additions that were made to this function in MDEV-11369.
There should be no user-visible impact of this. Also, until MDEV-13542 has been fixed, there are many other cases where we could crash due to a corrupted page.