From 92a8b3b529bb90378c3b6c86d8eb48e80457770d Mon Sep 17 00:00:00 2001
From: Pavol Sloboda
Date: Mon, 14 Apr 2025 11:47:59 +0200
Subject: [PATCH] fix: fixed the posible read of NULL when strdup fails thus resulting in rpl->filename being NULL by setting an error signalling that we ran out of memory to ease the debugging of the mariadb_rpl_options function and make it clearer if it ever fails because of this. Also added va_end in this case to avoid the va_list (ap) leaking when we return from this function and then returning 1 from the fucntion.
---
 libmariadb/mariadb_rpl.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/libmariadb/mariadb_rpl.c b/libmariadb/mariadb_rpl.c
index 36210c2d..38868fc6 100644
--- a/libmariadb/mariadb_rpl.c
+++ b/libmariadb/mariadb_rpl.c
@@ -1982,6 +1982,12 @@ int STDCALL mariadb_rpl_optionsv(MARIADB_RPL *rpl,
 else if (arg1)
 {
 rpl->filename= strdup((const char *)arg1);
+ if (!rpl->filename)
+ {
+ va_end(ap);
+ rpl_set_error(rpl, CR_OUT_OF_MEMORY, 0);
+ return 1;
+ }
 rpl->filename_length= (uint32_t)strlen(rpl->filename);
 }
 break;
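Review bot: On the new out-of-memory path `rpl->filename` is left NULL while `rpl->filename_length` keeps whatever value it had before this branch, so a later reader that trusts the length could still dereference NULL; setting `rpl->filename_length= 0;` before `return 1;` would keep the pair consistent, unless code outside the hunk already guarantees it. The `else if` implies an earlier branch of the same option case that is not visible here; if it also allocates `rpl->filename`, it presumably needs the same NULL check. The function body starts and ends outside the hunk, so if it already has a common exit that calls `va_end(ap)`, routing this error through it would avoid a second exit point that has to remember the cleanup.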