Details
- Type: Bug
- Status: Closed
- Priority: Critical
- Resolution: Fixed
- Affects Version/s: 10.6, 10.10.1, 10.7(EOL), 10.8(EOL), 10.9(EOL), 10.10(EOL)
- Environment: Ubuntu 20.04
Description
Dear MariaDB developers,
I am Zu-Ming Jiang, a PhD student at ETH Zurich. I used my new fuzzer to fuzz MariaDB and found a bug that can directly crash the MariaDB 10.10.1 server. The bug information is as follows:
The installation process of MariaDB (debug mode, ASAN enabled)
cd mariadb-10.10.1
mkdir build; cd build
cmake .. -DCMAKE_BUILD_TYPE=Debug -DWITH_ASAN=ON
make -j12 && sudo make install
Reproduce process
- step 1: set up MariaDB server and create a database named "testdb"
/usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql&
/usr/local/mysql/bin/mysql -uroot
mysql> create database testdb;
- step 2: trigger the bug
/usr/local/mysql/bin/mysql --force -uroot -Dtestdb < mysql_bk.sql
/usr/local/mysql/bin/mysql --force -uroot -Dtestdb < bug_trigger_stmt.sql
Bug Information
The bug-triggering files "mysql_bk.sql" and "bug_trigger_stmt.sql" are attached.
The error report of MariaDB is in the attached file "bug_report.txt".
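The reproduce steps above start the server against the installed datadir and read the outcome by hand from the error output. The following script is an added triage harness, not the reporter's or MariaDB's code: it replays the same two SQL files against a throwaway datadir on a private socket, waits for the server to be ready, and then classifies the run from two observations (is mysqld still alive, and did ASAN write a "SUMMARY: AddressSanitizer:" line to the error log). It assumes it is run as root like the ticket's commands (mysqld --user=mysql, client -uroot), that the ASAN build is installed under $BASEDIR with scripts/mysql_install_db, and that the attached mysql_bk.sql and bug_trigger_stmt.sql are in the current directory; the verdict strings and the helper names (asan_summary, classify, wait_ready, run_sql, reproduce) are this example's own.

```shell
#!/bin/sh
# Added triage harness for the ticket's reproduce steps (not the reporter's
# script). Assumptions: runs as root like the ticket's commands, ASAN build
# under $BASEDIR, attached SQL files in the current directory. A throwaway
# datadir and a private socket keep the run away from any other instance.
BASEDIR="${BASEDIR:-/usr/local/mysql}"
DATADIR="${DATADIR:-/tmp/mariadb-repro.$$}"
SOCKET="$DATADIR/mysqld.sock"
ERRLOG="$DATADIR/mysqld.err"

# Extract the sanitizer verdict from an error log read on stdin: the first
# "SUMMARY: AddressSanitizer: ..." line with its prefix stripped.
# Exit status 1 means no sanitizer report was written.
asan_summary() {
    sed -n 's/^SUMMARY: AddressSanitizer: //p' | head -n 1 | grep .
}

# Classify one run from two observations: whether mysqld is still alive
# (1/0) and the sanitizer summary, if any. A sanitizer report wins over a
# plain crash because it names the defect class and location.
classify() {
    alive="$1"
    summary="$2"
    if [ -n "$summary" ]; then
        echo "asan: $summary"
    elif [ "$alive" -eq 0 ]; then
        echo "crash: server died without a sanitizer report"
    else
        echo "no-repro: server survived"
    fi
}

# Poll the private socket until the server answers, up to $1 seconds.
# A debug+ASAN mysqld starts slowly, so the default is generous.
wait_ready() {
    tries="${1:-60}"
    while [ "$tries" -gt 0 ]; do
        "$BASEDIR/bin/mysqladmin" -uroot -S "$SOCKET" ping >/dev/null 2>&1 && return 0
        tries=$((tries - 1))
        sleep 1
    done
    return 1
}

# Run one SQL file with the same client options the ticket uses, plus the
# private socket. --force keeps going after statement errors, as in the ticket.
run_sql() {
    "$BASEDIR/bin/mysql" --force -uroot -S "$SOCKET" -Dtestdb < "$1"
}

reproduce() {
    mkdir -p "$DATADIR" && chown -R mysql "$DATADIR"
    "$BASEDIR/scripts/mysql_install_db" --basedir="$BASEDIR" --datadir="$DATADIR" \
        --user=mysql >/dev/null 2>&1
    "$BASEDIR/bin/mysqld" --no-defaults --basedir="$BASEDIR" --datadir="$DATADIR" \
        --plugin-dir="$BASEDIR/lib/plugin" --socket="$SOCKET" --skip-networking \
        --log-error="$ERRLOG" --user=mysql >/dev/null 2>&1 &
    server_pid=$!
    wait_ready || { echo "server did not start; see $ERRLOG"; return 2; }

    "$BASEDIR/bin/mysql" -uroot -S "$SOCKET" -e 'CREATE DATABASE IF NOT EXISTS testdb'
    run_sql mysql_bk.sql
    run_sql bug_trigger_stmt.sql
    sleep 2   # give ASAN time to flush its report before we read the log

    if kill -0 "$server_pid" 2>/dev/null; then alive=1; else alive=0; fi
    summary=$(asan_summary < "$ERRLOG" || true)
    classify "$alive" "$summary"
    kill "$server_pid" 2>/dev/null
}

# Only touch a server when explicitly asked (./repro.sh run); the helpers
# above are pure and can be exercised on captured logs without a server.
if [ "${1:-}" = run ]; then
    reproduce
fi
```

Invoked as `sh repro.sh run`, the script prints one verdict line; when it reports "asan: ...", the full report that belongs in a ticket attachment like "bug_report.txt" is in $ERRLOG. Keeping the classification separate from the server handling means the same asan_summary/classify pair can be run over an error log collected elsewhere.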