#At file:///home/bzr/mkindahl/patching-5.1/ based on revid:mats@stripped
3110 Mats Kindahl 2009-09-25
Bug #47645: Segmentation fault when out of memory during handlerton initialization
There is a missing check for memory allocation failure when allocating
memory for the handlerton structure. If the handlerton init function
tries to de-reference the pointer, it will cause a segmentation fault
and crash the server.
This patch fixes the problem by not calling the init function if memory
allocation failed, and instead reports the error to the caller.
@ sql/handler.cc
Add a check if memory allocation succeeded before calling the init
function. If it failed, it is not necessary to free the memory,
but the plugin->data is set to NULL to ensure that it can be checked
for failure.
modified:
sql/handler.cc
=== modified file 'sql/handler.cc'
--- a/sql/handler.cc 2009-07-29 08:54:20 +0000
+++ b/sql/handler.cc 2009-09-25 09:29:54 +0000
@@ -430,6 +430,10 @@ int ha_initialize_handlerton(st_plugin_i
hton= (handlerton *)my_malloc(sizeof(handlerton),
MYF(MY_WME | MY_ZEROFILL));
+
+ if (hton == NULL)
+ goto err_no_hton_memory;
+
/* Historical Requirement */
plugin->data= hton; // shortcut for the future
if (plugin->plugin->init && plugin->plugin->init(hton))
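Review bot: the new branch at "if (hton == NULL)" leaves the function without recording which plugin failed to initialize. MY_WME on the my_malloc call reports the allocation failure itself, but the only thing the caller gets from this path is the generic return value 1, the same as for every other failure in this function. Consider logging the plugin being initialized before the goto, so an out-of-memory failure at startup can be tied to a specific storage engine. A one-line comment above the check would also help, stating that it has to come before both the plugin->data assignment and the init(hton) call.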
@@ -540,6 +544,7 @@ err_deinit:
err:
my_free((uchar*) hton, MYF(0));
+err_no_hton_memory:
plugin->data= NULL;
DBUG_RETURN(1);
}
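Review bot: the err_no_hton_memory label sits between my_free() and "plugin->data= NULL", so the err path now falls through it, and nothing in the code says that the new label exists specifically to skip the free when hton is NULL. Please add a short comment at the label saying so, for example that it is reached only when the allocation failed, so there is nothing to free or deinitialize. Without it, a later cleanup step added between the two labels would also be skipped on the allocation-failure path, and a step added after err_no_hton_memory would run with hton == NULL.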
Attachment: [text/bzr-bundle] bzr/mats@sun.com-20090925092954-xzvrqysqyso9mw1s.bundle