database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2026-01-06 05:22:24 +03:00
Code Activity

Bug#51377 Crash in information_schema / processlist on concurrent DDL workload

Browse Source 
the fill_schema_processlist function accesses THD::query() without proper protection
    so the parallel thread killing can lead to access to the freed meemory.

per-file comments:
  sql/sql_load.cc
Bug#51377      Crash in information_schema / processlist on concurrent DDL workload
    the THD::set_query_inner() call needs to be protected.
    But here we don't need to change the original thd->query() at all.
  sql/sql_show.cc
Bug#51377      Crash in information_schema / processlist on concurrent DDL workload
    protect the THD::query() access with the THD::LOCK_thd_data mutex.
This commit is contained in:
Alexey Botchkov
2010-03-09 14:19:10 +04:00
parent 56f42962ff
commit 7feb51da5a
2 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
sql/sql_load.cc
View File

@@ -689,12 +689,10 @@ static bool write_execute_load_query_log_event(THD *thd, sql_exchange* ex,
strcpy(end, p);
end += pl;
thd->set_query_inner(load_data_query, end - load_data_query);
Execute_load_query_log_event
e(thd, thd->query(), thd->query_length(),
(uint) ((char*) fname_start - (char*) thd->query() - 1),
(uint) ((char*) fname_end - (char*) thd->query()),
e(thd, load_data_query, end-load_data_query,
(uint) ((char*) fname_start - load_data_query - 1),
(uint) ((char*) fname_end - load_data_query),
(duplicates == DUP_REPLACE) ? LOAD_DUP_REPLACE :
(ignore ? LOAD_DUP_IGNORE : LOAD_DUP_ERROR),
transactional_table, FALSE, errcode);