Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-36585

a segmentation fault (SIGSEGV) due to a null pointer dereference in Item_field::used_tables() at sql/item.cc:3479

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Critical
    • Resolution: Duplicate
    • 11.4.0
    • N/A
    • Optimizer
    • None
    • ubuntu20.04,x86
    • Not for Release Notes

    Description

      MariaDB repeatedly crashes with a segmentation fault (SIGSEGV) due to a null pointer dereference in Item_field::used_tables() at sql/item.cc:3479, where it accesses field->table->const_table without checking if field or field->table is null. This issue is likely triggered during query optimization involving subqueries, views, or triggers, where field resolution fails or remains uninitialized. The crash indicates a denial-of-service (DoS) vulnerability. A null check should be added at this code location to prevent the crash.

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. MDEV-26944 Server crash on selecting some data from information_schema

          • Critical - Crashes, loss of data, severe memory leak.
          • Stalled

          Activity

            People

              Unassigned Unassigned
              yx yx
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.