List: Commits
From: ramil
Date: January 17 2007 12:53pm
Subject: bk commit into 5.1 tree (ramil:1.2386) BUG#23810
Below is the list of changes that have just been committed into a local
5.1 repository of ram. When ram does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2007-01-17 16:53:07+04:00, ramil@stripped +1 -0
  Fix for bug #23810: Server crashes on various "show status ..." commands
  
  We access some variable values using casts like *(long *) buff
  that may cause crashes on some platforms (e.g. solaris 64) if buff is
  not properly aligned.
  Fix: use my_alloca() to ensure the buff is properly aligned.
  

  sql/sql_show.cc@stripped, 2007-01-17 16:53:05+04:00, ramil@stripped +12 -3
    Fix for bug #23810: Server crashes on various "show status ..." commands
      - use my_alloca() to ensure buff is properly aligned (instead of the stack).

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	ramil
# Host:	ramil.myoffice.izhnet.ru
# Root:	/home/ram/work/b23810.1/b23810.1.5.1

--- 1.384/sql/sql_show.cc	2007-01-17 16:53:11 +04:00
+++ 1.385/sql/sql_show.cc	2007-01-17 16:53:11 +04:00
@@ -2021,7 +2021,7 @@ static bool show_status_array(THD *thd, 
                               const char *prefix, TABLE *table,
                               bool ucase_names)
 {
-  char buff[SHOW_VAR_FUNC_BUFF_SIZE], *prefix_end;
+  char *buff, *prefix_end;
   /* the variable name should not be longer than 64 characters */
   char name_buffer[64];
   int len;
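Review bot: turning buff from an array into a bare pointer at the -/+ lines changes the value of any sizeof(buff) in the rest of show_status_array (not shown in this diff) from SHOW_VAR_FUNC_BUFF_SIZE to the size of a pointer, so please check the function body for such uses. A declaration that gives the alignment without an allocation and a matching free would also do here, e.g. "longlong buff_storage[SHOW_VAR_FUNC_BUFF_SIZE / sizeof(longlong) + 1];" followed by "char *buff= (char *) buff_storage, *prefix_end;", which keeps the buffer on the stack and needs no error path.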
@@ -2029,6 +2029,12 @@ static bool show_status_array(THD *thd, 
   SHOW_VAR tmp, *var;
   DBUG_ENTER("show_status_array");
 
+  /* 
+    As we use 'buff' not only as char* (see type casts below) we should 
+    ensure it's aligned, as it's critical on some platforms (e.g. solaris).
+  */
+  if (!(buff= (char *) my_alloca(SHOW_VAR_FUNC_BUFF_SIZE)))
+    return 1;
   null_lex_str.str= 0;				// For sys_var->value_ptr()
   null_lex_str.length= 0;
 
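Review bot: the "return 1;" on the allocation-failure path bypasses DBUG_RETURN although the function has already executed DBUG_ENTER("show_status_array") a few lines above, which unbalances the DBUG call stack in debug builds; use DBUG_RETURN(TRUE) as the rest of the function does. Note also that on builds where my_alloca is alloca the NULL check can never fire and the block still lives on the stack, so what this change guarantees is alignment, not a move off the stack. Minor: the two new comment lines carry trailing whitespace.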
@@ -2148,12 +2154,15 @@ static bool show_status_array(THD *thd, 
         table->field[1]->store(pos, (uint32) (end - pos), system_charset_info);
         table->field[1]->set_notnull();
         if (schema_table_store_record(thd, table))
-          DBUG_RETURN(TRUE);
+          goto err;
       }
     }
   }
-
+  my_afree(buff);
   DBUG_RETURN(FALSE);
+err:
+  my_afree(buff);
+  DBUG_RETURN(TRUE);
 }
 
 
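Review bot: the goto err replaces only the one DBUG_RETURN(TRUE) visible in this hunk; the loop body between the allocation and this point is not in the diff, and any other early DBUG_RETURN there would skip my_afree(buff) and leak the buffer on builds where my_alloca falls back to malloc. Please audit the body of show_status_array for remaining DBUG_RETURN(TRUE) paths and route them through err as well.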
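The alignment hazard the commit message describes, as an added example that is not code from the MySQL tree: it shows the cast pattern the fix is about, a check for whether a pointer is aligned, the memcpy alternative that has no alignment requirement, and aligned stack storage via a union, which needs neither alloca nor a free path. BUFF_SIZE is an assumed stand-in for SHOW_VAR_FUNC_BUFF_SIZE and the function names are illustrative. On x86 a misaligned load does not fault, so the example demonstrates the check and the alternatives rather than reproducing the SIGBUS that a strict-alignment target such as SPARC raises.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Assumed stand-in for the server's SHOW_VAR_FUNC_BUFF_SIZE; not MySQL's value. */
#define BUFF_SIZE 512

/* Return 1 if p is a multiple of `align` bytes, else 0. */
int is_aligned(const void *p, size_t align)
{
    return ((uintptr_t) p % align) == 0;
}

/*
 * The pattern the fix is about: a char buffer reinterpreted as long.
 * On x86 a misaligned load only costs cycles; on SPARC and other
 * strict-alignment targets it raises SIGBUS (the crash in the bug title).
 * It is undefined behaviour in C regardless, so it is only valid when
 * buf is suitably aligned.
 */
long load_long_cast(const char *buf)
{
    return *(const long *) buf;
}

/* Portable alternative: memcpy has no alignment requirement, and the
 * compiler emits a plain load where the target allows it. */
long load_long_memcpy(const char *buf)
{
    long v;
    memcpy(&v, buf, sizeof v);
    return v;
}

void store_long_memcpy(char *buf, long v)
{
    memcpy(buf, &v, sizeof v);
}

/*
 * Aligned storage without alloca: a union takes the alignment of its
 * most demanding member, so c is aligned for long long and double, and
 * *(long *) c is valid at offset 0 and at every multiple of sizeof(long).
 */
typedef union {
    long long align_ll;
    double    align_d;
    char      c[BUFF_SIZE];
} aligned_buff;

/* 1 if a stack-allocated aligned_buff's char array is long-aligned. */
int aligned_buff_is_aligned(void)
{
    aligned_buff b;
    return is_aligned(b.c, sizeof(long));
}

/* Count the byte offsets in [0, sizeof(long)) at which a cast load from
 * an aligned buffer would be misaligned: every offset except 0. */
int misaligned_offsets_in_first_word(void)
{
    aligned_buff b;
    int n = 0;
    size_t off;
    for (off = 0; off < sizeof(long); off++)
        if (!is_aligned(b.c + off, sizeof(long)))
            n++;
    return n;
}

/* Store and load v at an arbitrary, possibly odd, offset using memcpy. */
long memcpy_roundtrip_at_offset(size_t off, long v)
{
    aligned_buff b;
    if (off + sizeof(long) > sizeof b.c)
        return 0;                       /* caller error: out of bounds */
    memset(b.c, 0, sizeof b.c);
    store_long_memcpy(b.c + off, v);
    return load_long_memcpy(b.c + off);
}

/* Cast load at offset 0 of the union buffer: valid because it is aligned. */
long cast_roundtrip_aligned(long v)
{
    aligned_buff b;
    store_long_memcpy(b.c, v);
    return load_long_cast(b.c);
}

int main(void)
{
    printf("union buffer long-aligned: %d\n", aligned_buff_is_aligned());
    printf("misaligned offsets in first word: %d of %zu\n",
           misaligned_offsets_in_first_word(), sizeof(long));
    printf("memcpy round trip at offset 3: %ld\n",
           memcpy_roundtrip_at_offset(3, 0x1234567L));
    printf("cast round trip at offset 0: %ld\n", cast_roundtrip_aligned(-42L));
    return 0;
}
```

alloca returns memory aligned for any fundamental type, which is why my_alloca cures the crash; the union gives the same guarantee statically, with no allocation to check and nothing to free on the error path. Where the data really lives at odd offsets inside a packed buffer, memcpy is the portable read, and on targets that permit unaligned access the compiler reduces it to the same single load the cast would have produced.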