Details
-
Task
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
None
-
None
Description
The official PCRE-8.33 has a bug that makes the function
pcre_compile() crash if the pattern has too deep parenthesis level.
We cannot compile MariaDB against an external PCRE-8.33 (or earlier)
library to avoid this crash.
PCRE-8.33 bundled with MariaDB-10.0.5 has our own patch
to prevent this crash in queries like:
SELECT 'x' RLIKE CONCAT(REPEAT('(',300), 'x', REPEAT(')',300));
The problem was reported to the PCRE maintainers and is already
fixed in the PCRE trunk. The next release PCRE-8.34 (which is going to
be released around the end of December 2013) will include this fix.
After 8.34 is out, we should upgrade the bundled version to 8.34
and add an option to compile MariaDB against an external
PCRE library (8.34 or later) instead of the bundled one.
This will reduce the size of "mysqld" on many systems that
have PCRE as a package, and will be inline with the
"No Bundled Libraries" concept followed by most Linux
distribution:
https://fedoraproject.org/wiki/Packaging:No_Bundled_Libraries
Note, mysqld is linked against libpcre.so as a dependency when compiled against openssl,
which makes it even worse (two copies of PCRE inside mysqld, one statically linked, and
another one dynamically linked):
$ ldd sql/mysqld
|
linux-vdso.so.1 => (0x00007fff443aa000)
|
libpthread.so.0 => /lib64/libpthread.so.0 (0x00000037c7800000)
|
libaio.so.1 => /lib64/libaio.so.1 (0x0000003d96800000)
|
libz.so.1 => /lib64/libz.so.1 (0x00000037c8400000)
|
librt.so.1 => /lib64/librt.so.1 (0x00000037c8000000)
|
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00000037da600000)
|
libssl.so.10 => /lib64/libssl.so.10 (0x00000037d1c00000)
|
libcrypto.so.10 => /lib64/libcrypto.so.10 (0x00000037cf000000)
|
libdl.so.2 => /lib64/libdl.so.2 (0x00000037c7400000)
|
libstdc++.so.6 => /lib64/libstdc++.so.6 (0x00000037c9c00000)
|
libm.so.6 => /lib64/libm.so.6 (0x00000037c7c00000)
|
libc.so.6 => /lib64/libc.so.6 (0x00000037c7000000)
|
/lib64/ld-linux-x86-64.so.2 (0x00000037c6c00000)
|
libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00000037c8800000)
|
libfreebl3.so => /lib64/libfreebl3.so (0x00000037d8a00000)
|
libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00000037cfc00000)
|
libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00000037d1000000)
|
libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00000037cf800000)
|
libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00000037d0400000)
|
libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00000037d1400000)
|
libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00000037d0c00000)
|
libresolv.so.2 => /lib64/libresolv.so.2 (0x00000037c9400000)
|
libselinux.so.1 => /lib64/libselinux.so.1 (0x00000037c8c00000)
|
libpcre.so.1 => /lib64/libpcre.so.1 (0x00000037c9000000)
|
$ ldd /lib64/libssl.so.10
|
....
|
libpcre.so.1 => /lib64/libpcre.so.1 (0x00000037c9000000)
|