[#MDEV-19504] Segfault in COM_FIELD_LIST for INFORMATION

Thread 34 "mysqld" received signal SIGSEGV, Segmentation fault.

[Switching to Thread 0x7ffff47cb700 (LWP 10773)]

0x00000000014e585b in my_strcasecmp_utf8 (cs=0x1e47cf0 [my_charset_utf8_general_ci], s=0x1543906 "ALL_PLUGINS", t=0x0) at /home/midenok/src/mariadb/trunk2/src/strings/ctype-utf8.c:5109

5109      while (s[0] && t[0])

h1.0  0x00000000014e585b in my_strcasecmp_utf8 (cs=0x1e47cf0 [my_charset_utf8_general_ci], s=0x1543906 "ALL_PLUGINS", t=0x0) at /home/midenok/src/mariadb/trunk2/src/strings/ctype-utf8.c:5109

h1.1  0x00000000008a4810 in find_schema_table (thd=0x7fff84000cf8, table_name=0x7ffff47c9fa0, in_plugin=0x7ffff47c934f) at /home/midenok/src/mariadb/trunk2/src/sql/sql_show.cc:8058

h1.2  0x0000000000732e41 in find_schema_table (thd=0x7fff84000cf8, table_name=0x7ffff47c9fa0) at /home/midenok/src/mariadb/trunk2/src/sql/sql_show.h:127

h1.3  0x00000000007252c3 in open_and_process_table (thd=0x7fff84000cf8, lex=0x7fff84004b58, tables=0x7ffff47c9f68, counter=0x7ffff47c9834, flags=1024, prelocking_strategy=0x7ffff47c9838, has_prelocking_list=false, ot_ctx=0x7ffff47c96e8) at /home/midenok/src/mariadb/trunk2/src/sql/sql_base.cc:3598

h1.4  0x00000000007245ed in open_tables (thd=0x7fff84000cf8, options=..., start=0x7ffff47c9848, counter=0x7ffff47c9834, flags=1024, prelocking_strategy=0x7ffff47c9838) at /home/midenok/src/mariadb/trunk2/src/sql/sql_base.cc:4290

h1.5  0x00000000007292e5 in open_tables (thd=0x7fff84000cf8, tables=0x7ffff47c9848, counter=0x7ffff47c9834, flags=1024, prelocking_strategy=0x7ffff47c9838) at /home/midenok/src/mariadb/trunk2/src/sql/sql_base.h:256

h1.6  0x00000000007290a8 in open_normal_and_derived_tables (thd=0x7fff84000cf8, tables=0x7ffff47c9f68, flags=1024, dt_phases=35) at /home/midenok/src/mariadb/trunk2/src/sql/sql_base.cc:5237

h1.7  0x0000000000893bce in mysqld_list_fields (thd=0x7fff84000cf8, table_list=0x7ffff47c9f68, wild=0x7fff840130f0 "") at /home/midenok/src/mariadb/trunk2/src/sql/sql_show.cc:1570

h1.8  0x00000000007d2571 in dispatch_command (command=COM_FIELD_LIST, thd=0x7fff84000cf8, packet=0x7fff84009cf5 "", packet_length=12, is_com_multi=false, is_next_command=false) at /home/midenok/src/mariadb/trunk2/src/sql/sql_parse.cc:2040

frame 3 (cause)

(gdb) p tables->schema_table_name

$3 = {

  str = 0x0,

  length = 0

Fix

--- a/sql/sql_parse.cc

+++ b/sql/sql_parse.cc

@@ -2015,7 +2015,10 @@ bool dispatch_command(enum enum_server_command command, THD *thd,

       ST_SCHEMA_TABLE *schema_table= find_schema_table(thd, &table_list.alias);

       if (schema_table)

+      {

         table_list.schema_table= schema_table;

+        table_list.schema_table_name= table_list.table_name;

+      }

     uint query_length= (uint) (packet_end - packet); // Don't count end \0

[MDEV-19504] Segfault in COM_FIELD_LIST for INFORMATION_SCHEMA Created: 2019-05-17 Updated: 2019-06-05 Resolved: 2019-05-17
Status:	Closed
Project:	MariaDB Server
Component/s:	Information Schema, Server
Affects Version/s:	10.2, 10.3, 10.4
Fix Version/s:	N/A

[MDEV-19504] Segfault in COM_FIELD_LIST for INFORMATION_SCHEMA Created: 2019-05-17 Updated: 2019-06-05 Resolved: 2019-05-17

Reproduce

Result

frame 3 (cause)

Fix