database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

MDEV-21341: Fix UBSAN failures: Issue Six

Browse Source 
(Variant #2 of the patch, which keeps the sp_head object inside the
MEM_ROOT that sp_head object owns)
(10.3 version of the fix, with handling for class sp_package)

sp_head::operator new() and operator delete() were dereferencing sp_head*
pointers to memory that didn't hold a valid sp_head object (it was
not created/already destroyed).
This caused UBSan to crash when looking up type information.

Fixed by providing static sp_head::create() and sp_head::destroy() methods.
This commit is contained in:
Sergei Petrunia
2020-01-12 22:15:55 +03:00
parent 9c3eca8514
commit d531b4ee3a
9 changed files with 71 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
sql/sp_cache.cc
View File

@ -283,7 +283,7 @@ uchar *hash_get_key_for_sp_head(const uchar *ptr, size_t *plen,
void hash_free_sp_head(void *p)
{
sp_head *sp= (sp_head *)p;
delete sp;
sp_head::destroy(sp);
}