patch.txt
[CONC-487] NULL out pointers after freeing them as defensive programming Created: 2020-08-01 Updated: 2020-08-24 |
|
| Status: | Open |
| Project: | MariaDB Connector/C |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Minor |
| Reporter: | Dianne Skoll | Assignee: | Georg Richter |
| Resolution: | Unresolved | Votes: | 1 |
| Labels: | None | ||
| Environment: |
Linux (Debian GNU/Linux 10 "buster" |
||
| Attachments: |
patch.txt
|
| Description |
|
In mariadb_lib.c, the mysql_close function contains this code: if (mysql->net.extension) mysql->host_info=mysql->user=mysql->passwd=mysql->db=0; /* Clear pointers for better safety */ if (mysql->extension) mysql->net.pvio= 0; I recommend setting mysql->extension and mysql->net.extension to NULL also as a defensive programming technique. (This is already done for mysql->options.extension in the memset() call). This refers to https://jira.mariadb.org/browse/CONC-289 and also fixes the DBD::mysql issue reported at https://github.com/perl5-dbi/DBD-mysql/issues/306 A patch is attached. Regards, Dianne. |
| Comments |
| Comment by Otto Kekäläinen [ 2020-08-22 ] |
|
This was reported in Debian as https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966633 georg Could you please take a look? It has a patch and everything. |
| Comment by Georg Richter [ 2020-08-22 ] |
|
Hi Otto, there i s already a pull request for - unfortunately travis build is broken again, need to fix it first before I will merge pull requests. |
| Comment by Otto Kekäläinen [ 2020-08-24 ] |
|
Looking at the two failures for Travis-CI on latest MariaDB Connector |