List:Commits« Previous MessageNext Message »
From:Sergey Vojtovich Date:March 20 2008 1:50pm
Subject:bk commit into 5.0 tree (svoj:1.2599) BUG#34788
View as plain text  
Below is the list of changes that have just been committed into a local
5.0 repository of svoj.  When svoj does a push these changes
will be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2008-03-20 16:50:05+04:00, svoj@stripped +3 -0
  BUG#34788 - malformed federated connection url is not handled
              correctly - crashes server !
  
  Createing federated table with connect string containing empty
  (zero-length) host name and port is evaluated as 0 (port is
  incorrect, omitted or 0) crashes server.
  
  This happens because federated calls strcmp() with NULL pointer.
  
  Fixed by avoiding strcmp() call if hostname is set to NULL.

  mysql-test/r/federated.result@stripped, 2008-03-20 16:50:03+04:00, svoj@stripped +3 -0
    A test case for BUG#34788.

  mysql-test/t/federated.test@stripped, 2008-03-20 16:50:03+04:00, svoj@stripped +8 -0
    A test case for BUG#34788.

  sql/ha_federated.cc@stripped, 2008-03-20 16:50:03+04:00, svoj@stripped +8 -1
    Fixed that parse_url() may call strcmp() with NULL pointer.

diff -Nrup a/mysql-test/r/federated.result b/mysql-test/r/federated.result
--- a/mysql-test/r/federated.result	2008-02-14 16:26:58 +04:00
+++ b/mysql-test/r/federated.result	2008-03-20 16:50:03 +04:00
@@ -2069,6 +2069,9 @@ a	b
 1	1
 DROP TABLE t1;
 DROP TABLE t1;
+CREATE TABLE t1 (a INT) ENGINE=federated
+CONNECTION='mysql://@:://';
+DROP TABLE t1;
 DROP TABLE IF EXISTS federated.t1;
 DROP DATABASE IF EXISTS federated;
 DROP TABLE IF EXISTS federated.t1;
diff -Nrup a/mysql-test/t/federated.test b/mysql-test/t/federated.test
--- a/mysql-test/t/federated.test	2008-02-14 16:26:58 +04:00
+++ b/mysql-test/t/federated.test	2008-03-20 16:50:03 +04:00
@@ -1738,4 +1738,12 @@ DROP TABLE t1;
 connection slave;
 DROP TABLE t1;
 
+#
+# BUG#34788 - malformed federated connection url is not handled correctly -
+#             crashes server !
+#
+eval CREATE TABLE t1 (a INT) ENGINE=federated
+CONNECTION='mysql://@:://';
+DROP TABLE t1;
+
 source include/federated_cleanup.inc;
diff -Nrup a/sql/ha_federated.cc b/sql/ha_federated.cc
--- a/sql/ha_federated.cc	2008-02-14 16:26:58 +04:00
+++ b/sql/ha_federated.cc	2008-03-20 16:50:03 +04:00
@@ -643,12 +643,19 @@ static int parse_url(FEDERATED_SHARE *sh
   if ((strchr(share->table_name, '/')))
     goto error;
 
+  /*
+    If hostname is omitted, we set it to NULL. According to
+    mysql_real_connect() manual:
+    The value of host may be either a hostname or an IP address.
+    If host is NULL or the string "localhost", a connection to the
+    local host is assumed.
+  */
   if (share->hostname[0] == '\0')
     share->hostname= NULL;
 
   if (!share->port)
   {
-    if (strcmp(share->hostname, my_localhost) == 0)
+    if (!share->hostname || strcmp(share->hostname, my_localhost) == 0)
       share->socket= my_strdup(MYSQL_UNIX_ADDR, MYF(0));
     else
       share->port= MYSQL_PORT;
Thread
bk commit into 5.0 tree (svoj:1.2599) BUG#34788Sergey Vojtovich20 Mar 2008