[#MDEV-22393] Corruption for some SET GLOBAL innodb

[MDEV-22393] Corruption for some SET GLOBAL innodb_… string variables Created: 2020-04-28 Updated: 2020-04-28 Resolved: 2020-04-28
Status:	Closed
Project:	MariaDB Server
Component/s:	Storage Engine - InnoDB, Storage Engine - XtraDB
Affects Version/s:	10.0, 10.1, 10.2, 10.3, 10.4, 10.5
Fix Version/s:	10.1.45, 10.2.32, 10.3.23, 10.4.13, 10.5.3

Type:

Bug

Priority:

Blocker

Reporter:

Marko Mäkelä

Assignee:

Marko Mäkelä

Resolution:

Fixed

Votes:

Labels:

upstream-fixed, valgrind

Issue Links:

Blocks
blocks	~~MDEV-22394~~	Merge new release of InnoDB 5.7.30 to...	Closed
Relates
relates to	~~MDEV-19445~~	ASAN heap-use-after-free in ut_fold_s...	Closed

Description

The MySQL 5.6.48 and MySQL 5.7.30 fix
Bug #29717909 MEMORY LIFETIME OF VARIABLES BETWEEN CHECK AND UPDATE INCORRECTLY MANAGED
includes a test case for a problem that affects MariaDB Server.
Several MYSQL_SYSVAR_STR parameters that are assigning a pointer to a stack-allocated buffer in the validate callback function. This pointer would go stale after the function returns, causing the variables to read as garbage later. The bug is caught by Valgrind, but for some reason I did not get any diagnostics from AddressSanitizer.

No MYSQL_SYSVAR_STR that are declared in MariaDB Server 5.5 for InnoDB or XtraDB are affected by this.

The affected variables in MySQL 5.6 include the following:

innodb_ft_aux_table (modified but not completely fixed in MariaDB by ~~MDEV-19445~~)
innodb_ft_server_stopword_table
innodb_ft_user_stopword_table (not covered by their test case)
innodb_buffer_pool_filename

Generated at Thu Feb 08 09:14:24 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MDEV-22393] Corruption for some SET GLOBAL innodb_… string variables Created: 2020-04-28 Updated: 2020-04-28 Resolved: 2020-04-28