Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
5.3.12, 5.5.37, 10.0.11
-
None
-
None
Description
This simple test case crashes the server:
--source include/master-slave.inc
|
--connection server_2
|
kill hard query user test2@nohost;
|
--source include/rpl_end.inc
|
It crashes inside kill_threads_for_user(), in this code:
if (((user->host.str[0] == '%' && !user->host.str[1]) ||
|
!strcmp(tmp->security_ctx->host, user->host.str)) &&
|
!strcmp(tmp->security_ctx->user, user->user.str))
|
tmp->security_ctx->host is NULL for the slave IO thread, so we get a NULL
pointer reference inside strcmp().
I'm not sure if the bug here is that the host field is NULL in the replication
thread, or if the bug is that the code in kill_threads_for_user() should check
for NULL...
Attachments
Activity
| Field | Original Value | New Value |
|---|---|---|
| Fix Version/s | 10.0.12 [ 15201 ] | |
| Fix Version/s | 5.5.38 [ 15400 ] | |
| Fix Version/s | 5.3.13 [ 12602 ] | |
| Affects Version/s | 5.3.12 [ 12000 ] | |
| Affects Version/s | 5.5.37 [ 15000 ] | |
| Affects Version/s | 10.0.11 [ 15200 ] | |
| Affects Version/s | 5.5.36 [ 14600 ] | |
| Assignee | Michael Widenius [ monty ] |
| Assignee | Michael Widenius [ monty ] | Sergei Golubchik [ serg ] |
| Fix Version/s | 5.5.39 [ 15800 ] | |
| Fix Version/s | 5.5.38 [ 15400 ] |
| Workflow | defaullt [ 41704 ] | MariaDB v2 [ 43536 ] |
| Fix Version/s | 10.0.13 [ 16000 ] | |
| Fix Version/s | 10.0.12 [ 15201 ] |
| Status | Open [ 1 ] | In Progress [ 3 ] |
| Fix Version/s | 10.0.13 [ 16300 ] | |
| Fix Version/s | 5.5.39 [ 16301 ] | |
| Fix Version/s | 5.5 [ 15800 ] | |
| Fix Version/s | 10.0 [ 16000 ] | |
| Resolution | Fixed [ 1 ] | |
| Status | In Progress [ 3 ] | Closed [ 6 ] |
| Workflow | MariaDB v2 [ 43536 ] | MariaDB v3 [ 63726 ] |
| Workflow | MariaDB v3 [ 63726 ] | MariaDB v4 [ 147925 ] |
Also reproducible on old versions of 5.3 and 5.5 (tried 5.3.7 and 5.5.23)/