Bug #116525 basename_prefix_find may cause memory access to go out of bounds
Submitted: 1 Nov 2024 10:13
Modified: 5 Nov 2024 0:40
Reporter: Baolin Huang (OCA)
Status: Can't repeat
Category: MySQL Server
Severity: S3 (Non-critical)
Version:
OS: Any
Assigned to:
CPU Architecture: Any

[1 Nov 2024 10:13] Baolin Huang
Description:
LOG_SUBSYSTEM_TAG uses __FILE__ to determine the subsystem (Server or Repl) of the log.
__FILE__ sometimes returns a relative address, which will cause memory access to go out of bounds.

How to repeat:
We have encountered this in PGO optimized programs.

Suggested fix:
diff --git a/include/my_basename.h b/include/my_basename.h
index a1cd2ada77c..28ac6b09e73 100644
--- a/include/my_basename.h
+++ b/include/my_basename.h
@@ -46,6 +46,11 @@ constexpr const char *basename_prefix_eval(const char *const path) {
 }
 
 constexpr int basename_prefix_find(const char *const path, const int index) {
+  // '__FILE__' may return a relative path without '/' nor '\'
+  // We have encountered this in PGO optimized programs.
+  if (index == 0)
+    return 0;
+
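
Review bot: the new guard at the top of basename_prefix_find returns 0 as soon as index reaches 0, before path[0] is looked at, so every separator-less name yields the same result whatever it starts with; the comment should say what a return value of 0 means to the caller, since the rest of the body is not visible in this hunk. Consider `if (index <= 0)` so that a negative starting index also stops the walk, and put braces around the single-statement if. The comment wording "'__FILE__' may return" would read better as "may expand to", and "without '/' nor '\'" as "without '/' or '\'". A unit test that passes a bare file name with no directory part would pin the behaviour down independently of the PGO build.
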
[1 Nov 2024 11:11] MySQL Verification Team
Hi Mr. Huang,

Thank you for your bug report.

Can you provide us with the test case on the memory access going out of bounds?

We do require a fully repeatable test case.

Please, also provide the versions that are affected with this behaviour.

If we repeat a test case, we shall verify this report as a bug.

Waiting on your feedback.
[4 Nov 2024 1:52] Baolin Huang
Can you provide us with the test case on the memory access going out of bounds?

--
1. compile mysqld with PGO
2. run the test case perfschema.error_log 

-Note    MY-011025  Repl
+Note    MY-011025  Server
[4 Nov 2024 1:54] Baolin Huang
Please, also provide the versions that are affected with this behaviour.

--
It is 8.0.36
[4 Nov 2024 10:08] MySQL Verification Team
Hi Mr. Huang,

Thank you for your feedback.

However, we are not able to repeat what you are reporting.

First of all, what is PGO?

Next, we do know about the test that you are mentioning.

Third, we are also testing with the latest release, which is 8.0.40, on any of the supported platforms.

Hence, are you limiting this report to some specific platform, and is it among the supported ones listed on https://dev.mysql.com?

We are waiting on your response.
[5 Nov 2024 0:40] Baolin Huang
PGO is short for profile guided optimization.

https://dev.mysql.com/doc/refman/8.4/en/source-configuration-options.html#option_cmake_fpr...
[5 Nov 2024 10:10] MySQL Verification Team
Hi Mr. Huang,

We do not use that abbreviation in our Manual, hence, we could not have known what you implied.

You have mentioned that a test will fail in 8.4, but that option is also available in 8.0.

Hence, does a test fail in 8.0 as well?

Thanks in advance.
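
The failure mode in the original description (a backward scan for a path separator over a `__FILE__` value that contains none), shown with a bounded scan; this is an added example, not code from the report or from MySQL's my_basename.h. The function names and the rule that an `rpl_` basename prefix means Repl are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdio>

// Hypothetical helpers, written for this example only.
constexpr bool is_sep(char c) { return c == '/' || c == '\\'; }

// Offset of the file name inside path[0..len). The scan walks backwards and
// stops when no characters are left, so a path with no separator yields 0
// instead of reading path[-1]. An unbounded scan would keep decrementing past
// the start of the literal: undefined behaviour at run time, and a hard
// compile error when the call is evaluated in a constant expression.
constexpr std::size_t scan_back(const char *path, std::size_t len) {
  return len == 0 ? 0
                  : (is_sep(path[len - 1]) ? len : scan_back(path, len - 1));
}

// Stops at the terminating NUL of s, so a short file name is never over-read.
constexpr bool has_prefix(const char *s, const char *prefix) {
  return *prefix == '\0' || (*s == *prefix && has_prefix(s + 1, prefix + 1));
}

// Taking the literal by array reference gives the length at compile time,
// which is how a __FILE__ string literal would be passed.
template <std::size_t N>
constexpr std::size_t basename_offset(const char (&path)[N]) {
  return scan_back(path, N - 1);  // N - 1 drops the terminating NUL
}

// Assumed classification rule: basename starting with "rpl_" means Repl.
template <std::size_t N>
constexpr bool is_repl_file(const char (&path)[N]) {
  return has_prefix(path + basename_offset(path), "rpl_");
}

// Constructed sample paths. Forcing constant evaluation makes the compiler
// reject any out-of-bounds read in the helpers above.
static_assert(basename_offset("sql/rpl_replica.cc") == 4, "with directory");
static_assert(basename_offset("rpl_replica.cc") == 0, "no separator");
static_assert(is_repl_file("rpl_replica.cc"), "bare name is classified");
static_assert(!is_repl_file("log.cc"), "bare name, other prefix");

int main() {
  std::printf("%s -> %s\n", __FILE__, is_repl_file(__FILE__) ? "Repl" : "Server");
  return 0;
}
```
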