List: Commits
From: Marc Alff
Date: September 17 2010 7:03pm
Subject: bzr commit into mysql-5.5-bugfixing branch (marc.alff:3210) Bug#50557
#At file:///home/malff/BZR_TREE/mysql-5.5-bugfixing-50557/ based on revid:marc.alff@stripped

 3210 Marc Alff	2010-09-17
      Bug#50557 checksum table crashes server when used in performance_schema
      CHECKSUM TABLE for performance schema tables could cause uninitialized
      memory reads.
      The root cause is a design flaw in the implementation of
      mysql_checksum_table(), which does not honor null fields.
      However, fixing this bug in CHECKSUM TABLE is risky, as it can cause the
      checksum value to change.
      This fix implements a workaround, to systematically reset field values
      even for null fields, so that the field memory representation is always
      initialized with a known value.

=== modified file 'storage/perfschema/'
--- a/storage/perfschema/	2010-08-12 14:08:52 +0000
+++ b/storage/perfschema/	2010-09-17 19:03:09 +0000
@@ -223,6 +223,8 @@ int PFS_engine_table::read_row(TABLE *ta
                                Field **fields)
   my_bitmap_map *org_bitmap;
+  Field *f;
+  Field **fields_reset;
     Make sure the table structure is as expected before mapping
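Review bot: `f` and `fields_reset`, added to the declarations at the top of read_row(), are used in this patch only by the reset loop in the next hunk, so they could be declared at the loop itself rather than scoped to the whole function. `fields_reset` also reads like a flag; a name that says it is a cursor over `fields` would be clearer.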
@@ -240,6 +242,16 @@ int PFS_engine_table::read_row(TABLE *ta
   /* We internally write to Fields to support the read interface */
   org_bitmap= dbug_tmp_use_all_columns(table, table->write_set);
+  /*
+    Some callers of the storage engine interface do not honor the
+    f->is_null() flag, and will attempt to read the data itself.
+    A known offender is mysql_checksum_table().
+    For robustness, reset every field.
+  */
+  for (fields_reset= fields; (f= *fields_reset) ; fields_reset++)
+    f->reset();
   int result= read_row_values(table, buf, fields, read_all);
   dbug_tmp_restore_column_map(table->write_set, org_bitmap);
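Review bot: the comment above the reset loop should cite Bug#50557 and say that this is a workaround to drop once mysql_checksum_table() honors f->is_null(), because the loop adds an f->reset() call for every field on every row read, whether or not read_row_values() goes on to set that field. The loop condition `(f= *fields_reset)` also relies on `fields` being NULL-terminated, which is worth stating in the comment or asserting. The patch as shown touches a single file, so a regression test that runs CHECKSUM TABLE against performance_schema tables should accompany it.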

Attachment: [text/bzr-bundle] bzr/
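A simplified model of the failure the commit message describes, as an added example (not MySQL code and not part of the original commit): a caller that ignores the null flag produces a checksum that depends on leftover memory unless the reader resets every field first. The `struct row` layout, the function names, the toy checksum and the sample record are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NFIELDS 3

/* Simplified row buffer: one null flag and one value slot per field. */
struct row {
    uint8_t  is_null[NFIELDS];
    uint32_t value[NFIELDS];
};

/* Fill the row; without reset_first a NULL column keeps its old bytes. */
static void read_row(struct row *r, const uint32_t *src, const uint8_t *src_null, int reset_first)
{
    for (int i = 0; i < NFIELDS; i++) {
        if (reset_first)
            r->value[i] = 0;       /* known value, even for NULL fields */
        r->is_null[i] = src_null[i];
        if (!src_null[i])
            r->value[i] = src[i];
    }
}

/* A caller that never consults is_null and hashes every value slot. */
static uint32_t checksum_ignoring_null(const struct row *r)
{
    uint32_t h = 0;
    for (int i = 0; i < NFIELDS; i++)
        h = h * 31u + r->value[i];
    return h;
}

/* Checksum of one constructed record read into a buffer full of `stale`. */
uint32_t checksum_with_stale(uint8_t stale, int reset_first)
{
    static const uint32_t src[NFIELDS]      = { 7, 0, 42 };
    static const uint8_t  src_null[NFIELDS] = { 0, 1, 0 };  /* column 1 is NULL */
    struct row r;
    memset(&r, stale, sizeof r);   /* stands in for leftover memory */
    read_row(&r, src, src_null, reset_first);
    return checksum_ignoring_null(&r);
}

int main(void)
{
    printf("no reset: %08x vs %08x\n", (unsigned)checksum_with_stale(0xAA, 0), (unsigned)checksum_with_stale(0x55, 0));
    printf("reset:    %08x vs %08x\n", (unsigned)checksum_with_stale(0xAA, 1), (unsigned)checksum_with_stale(0x55, 1));
    return 0;
}
```

The stale fill byte stands in for uninitialized memory so that the model itself has defined behaviour; in the real bug the bytes read are indeterminate.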