Bug #31850 | Test crashes in "embedded" server | ||
---|---|---|---|
Submitted: | 25 Oct 2007 13:42 | Modified: | 13 Nov 2007 19:20 |
Reporter: | Joerg Bruehe | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server: Embedded Library ( libmysqld ) | Severity: | S3 (Non-critical) |
Version: | 5.1.23 (pre) | OS: | Linux (x86) |
Assigned to: | Davi Arnaut | CPU Architecture: | Any |
[25 Oct 2007 13:42]
Joerg Bruehe
[25 Oct 2007 18:10]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/36359 ChangeSet@1.2600, 2007-10-25 16:09:59-03:00, davi@moksha.local +2 -0 Bug#31850 Test crashes in "embedded" serve The mysql_change_user commit fails to properly update the database pointer when no database is selected, leading to "use after free" errors. The same happens on the user privilege pointer in the thread security context. The solution is to properly reset and update the database and the user pointer so that it doesn't point to freed memory.
[26 Oct 2007 17:24]
Davi Arnaut
s/commit/command/
[1 Nov 2007 12:12]
Konstantin Osipov
Approved by email.
[1 Nov 2007 19:29]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/36917 ChangeSet@1.2607, 2007-11-01 17:29:20-02:00, davi@endora.local +2 -0 Bug#31850 Test crashes in "embedded" server The mysql_change_user command fails to properly update the database pointer when no database is selected, leading to "use after free" errors. The same happens on the user privilege pointer in the thread security context. The solution is to properly reset and update the database name. Also update the user_priv pointer so that it doesn't point to freed memory.
[7 Nov 2007 21:59]
Bugs System
Pushed into 6.0.4-alpha
[7 Nov 2007 22:00]
Bugs System
Pushed into 5.1.23-rc
[13 Nov 2007 19:20]
Paul DuBois
Noted in 5.1.23, 6.0.4 changelogs. For libmysqld applications, handling of mysql_change_user() calls left some pointers improperly updated, leading to server crashes.