[#MDEV-22818] Server crash on corrupted ROW

[MDEV-22818] Server crash on corrupted ROW_FORMAT=COMPRESSED page Created: 2020-06-06 Updated: 2020-06-06 Resolved: 2020-06-06
Status:	Closed
Project:	MariaDB Server
Component/s:	Storage Engine - InnoDB
Affects Version/s:	10.2.2, 10.3.0, 10.4.0, 10.5.0
Fix Version/s:	10.5.4, 10.2.33, 10.3.24, 10.4.14

Type:

Bug

Priority:

Major

Reporter:

Marko Mäkelä

Assignee:

Marko Mäkelä

Resolution:

Fixed

Votes:

Labels:

corruption, crash, upstream

Description

After the function page_zip_fields_decode() has assigned index=NULL to signal a corruption of a ROW_FORMAT=COMPRESSED page, it could dereference that pointer before returning.

In MariaDB Server 10.2, this only affects SPATIAL INDEX. Starting with the 10.3 version, this affects all indexes, due to additions that were made to this function in ~~MDEV-11369~~.

There should be no user-visible impact of this. Also, until ~~MDEV-13542~~ has been fixed, there are many other cases where we could crash due to a corrupted page.

Generated at Thu Feb 08 09:17:42 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MDEV-22818] Server crash on corrupted ROW_FORMAT=COMPRESSED page Created: 2020-06-06 Updated: 2020-06-06 Resolved: 2020-06-06