Bug #34587 | Creating a view inside a stored procedure leads to a server crash | ||
---|---|---|---|
Submitted: | 15 Feb 2008 10:56 | Modified: | 15 Mar 2008 11:03 |
Reporter: | Davi Arnaut (OCA) | Status: | Closed |
Category: | MySQL Server: Stored Routines | Severity: | S3 (Non-critical) |
Version: | 5.1+ | OS: | Any |
Assigned to: | Davi Arnaut | CPU Architecture: | Any |
[15 Feb 2008 10:56]
Davi Arnaut
[15 Feb 2008 11:41]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from:

http://lists.mysql.com/commits/42344

ChangeSet@1.2552, 2008-02-15 09:40:55-02:00, davi@mysql.com +5 -0

Bug#34587 Creating a view inside a stored procedure leads to a server crash

The problem is that when a stored procedure is being parsed for the first execution, the body is copied to a temporary buffer which is disregarded sometime after the statement is parsed. And during this parsing phase, the rule for CREATE VIEW was holding a reference to the string being parsed for use during the execution of the CREATE VIEW statement, leading to invalid memory access later.

The solution is to allocate and copy the SELECT of a CREATE VIEW statement using the thread memory root, which is set to the permanent arena of the stored procedure.
[20 Feb 2008 14:45]
Konstantin Osipov
Approved by email.
[20 Feb 2008 20:27]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from:

http://lists.mysql.com/commits/42699

ChangeSet@1.2552, 2008-02-20 17:26:50-03:00, davi@mysql.com +5 -0

Bug#34587 Creating a view inside a stored procedure leads to a server crash

The problem is that when a stored procedure is being parsed for the first execution, the body is copied to a temporary buffer which is disregarded sometime after the statement is parsed. And during this parsing phase, the rule for CREATE VIEW was holding a reference to the string being parsed for use during the execution of the CREATE VIEW statement, leading to invalid memory access later.

The solution is to allocate and copy the SELECT of a CREATE VIEW statement using the thread memory root, which is set to the permanent arena of the stored procedure.
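A simplified C model of the lifetime bug the commit message above describes, added here as an illustration and not taken from the MySQL source or the committed patch. `arena_t`, `arena_strmake`, `parse_create_view` and the sample statement are hypothetical stand-ins for the memory root, the CREATE VIEW parser rule and the procedure body.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical bump arena standing in for the routine's permanent memory root. */
typedef struct { char buf[256]; size_t used; } arena_t;
/* What the parser keeps for the later execution of CREATE VIEW. */
typedef struct { const char *select; size_t len; } view_def_t;

/* Copy len bytes into the arena, NUL-terminated; NULL if it does not fit. */
static char *arena_strmake(arena_t *a, const char *s, size_t len) {
    if (len + 1 > sizeof a->buf - a->used) return NULL;
    char *p = a->buf + a->used;
    memcpy(p, s, len);
    p[len] = '\0';
    a->used += len + 1;
    return p;
}

/* perm == NULL models the bug: keep a pointer into the buffer being parsed.
   perm != NULL models the fix: copy the SELECT text into the permanent arena. */
static int parse_create_view(const char *parse_buf, arena_t *perm, view_def_t *out) {
    const char *sel = strstr(parse_buf, "SELECT");
    if (!sel) return -1;
    out->len = strlen(sel);
    out->select = perm ? arena_strmake(perm, sel, out->len) : sel;
    return out->select ? 0 : -1;
}

/* True if p lies inside [base, base+size), i.e. it dangles once base is freed. */
static int aliases(const char *p, const char *base, size_t size) {
    return (uintptr_t)p >= (uintptr_t)base && (uintptr_t)p < (uintptr_t)base + size;
}

/* 1: stored SELECT still valid after the parse buffer is freed; 0: dangles; -1: error. */
static int select_outlives_parse(int use_fix) {
    static const char body[] = "CREATE VIEW v1 AS SELECT 1 AS a"; /* constructed */
    arena_t perm = { {0}, 0 };
    view_def_t def;
    char *tmp = malloc(sizeof body);           /* temporary copy of the body */
    if (!tmp) return -1;
    memcpy(tmp, body, sizeof body);
    int rc = parse_create_view(tmp, use_fix ? &perm : NULL, &def);
    int dangling = rc == 0 && aliases(def.select, tmp, sizeof body);
    free(tmp);                                 /* parse buffer discarded */
    if (rc != 0) return -1;
    if (dangling) return 0;                    /* def.select must not be read */
    return strcmp(def.select, "SELECT 1 AS a") == 0;
}
int main(void) { return !(select_outlives_parse(0) == 0 && select_outlives_parse(1) == 1); }
```

The aliasing check is taken while the temporary buffer is still allocated, so the model reports the dangling reference without ever reading freed memory.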
[20 Feb 2008 20:30]
Davi Arnaut
Queued in 5.1-runtime
[3 Mar 2008 18:19]
Bugs System
Pushed into 5.1.24-rc
[3 Mar 2008 18:20]
Bugs System
Pushed into 6.0.5-alpha
[15 Mar 2008 11:03]
Jon Stephens
Documented bugfix in the 5.1.24 and 6.0.5 changelogs as follows: Creating a view inside a stored procedure could lead to a crash of the MySQL Server.
[2 Apr 2008 19:58]
Jon Stephens
Also noted in the 5.1.23-ndb-6.3.11 changelog.