Description:
Improper checking of BINLOG statements allows non-privileged user to crash the server. 

How to repeat:
mysql> BINLOG 'a';
ERROR 2006 (HY000): MySQL server has gone away

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x80844a00
[Switching to process 22191 thread 0x2f03]
0x001c6c9d in mysql_client_binlog_statement ()
(gdb) bt 
#0  0x001c6c9d in mysql_client_binlog_statement ()
#1  0x0009aca0 in mysql_execute_command ()
#2  0x000a2d82 in mysql_parse ()
#3  0x000a345d in dispatch_command ()
#4  0x000a51c7 in handle_one_connection ()
#5  0x90024b47 in _pthread_body ()

Suggested fix:
Limit usage of BINLOG and add validation

Verified at mysql-5.1 ChangeSet@1.2102

could not reproduce it on --with-debug=full binary, as it does not fail on first time either I suspect that a memory/state is not initialized properly

===== sql_binlog.cc 1.1 vs edited =====
--- 1.1/sql/sql_binlog.cc       2005-12-22 07:34:49 +02:00
+++ edited/sql_binlog.cc        2006-03-01 12:25:04 +02:00
@@ -58,7 +58,7 @@
 
   const char *error= 0;
   char *buf= (char *) my_malloc(event_len, MYF(MY_WME));
-  Log_event *ev;
+  Log_event *ev = 0;
   int res;
 
   /*

A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/3306

When executing illegal binlog events it is almost impossible to 
avoid to crash the system, we depend too much on the fact 
that binlog events are correct (the length is e.g. encoded in the event)...  

I have been thinking that we should introduce REPLICATION or 
SUPER privilege to execute the BINLOG statement.  This 
statement is simply too powerful.

fixed in ChangeSet@1.2180.2.1

Noted in 5.1.8 changelog.

Improper checking of binary log statements could result in a 
server crash. (Bug #17457)