Bug #13407 Remote connecting chrashes server
Submitted: 22 Sep 2005 15:31 Modified: 23 Sep 2005 15:29
Reporter: Hakan Küçükyılmaz Email Updates:
Status: Closed Impact on me:
Category:MySQL Server Severity:S1 (Critical)
Version:5.0.14 OS:Linux (Linux)
Assigned to: Dmitry Lenev CPU Architecture:Any

[22 Sep 2005 15:31] Hakan Küçükyılmaz
Remote connecting chrashes server

How to repeat:
Connect to MySQL using TCP/IP:

mysql -uroot -psome_password -h192.168.0.123 test

Suggested fix:
Andrey says that this CS could cause the chrash

ChangeSet 1.1963.6.2 2005/09/20 21:20:38 
 WL#2787 (Add view definer/owner to the view definition (.frm) to check privileges on used tables and stored routines when using a VIEW.)
 Part 2 postreview fixes.
sql/item_strfunc.cc 1.253 2005/09/20 21:20:32 bell@sanja.is.com.ua
 fixed USER() function
[22 Sep 2005 15:33] Andrey Hristov
(gdb) bt
#0 0x080907d3 in Item_func_user::val_str (this=0x8c76c30, str=0xbfffde90) at item_strfunc.cc:1617
#1 0x08057c07 in Item::send (this=0x8c76c30, protocol=0x8c52250, buffer=0xbfffde90) at item.cc:4250
#2 0x080c8407 in select_send::send_data (this=0x8c76d38, items=@0x0) at sql_class.cc:919
#3 0x0812826a in JOIN::exec (this=0x8c76d48) at sql_select.cc:1211
#4 0x0812a60c in mysql_select (thd=0x8c517f8, rref_pointer_array=0x8c51b74, tables=0x0, wild_num=0,
fields=@0x0, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0,
select_options=2156153344, result=0x8c76d38, unit=0x8c51848, select_lex=0x8c51a5c) at sql_select.cc:2093
#5 0x08125903 in handle_select (thd=0x8c517f8, lex=0x8c51838, result=0x8c76d38, setup_tables_done_option=0)
at sql_select.cc:238
#6 0x080eda41 in mysql_execute_command (thd=0x8c517f8) at sql_parse.cc:2487
#7 0x080f61b7 in mysql_parse (thd=0x8c517f8, inBuf=0x8c76be8 "select USER()", length=13)
at sql_parse.cc:5507
#8 0x080ebcb3 in dispatch_command (command=COM_QUERY, thd=0x8c517f8, packet=0x8c39219 "", packet_length=14)
at sql_parse.cc:1685
#9 0x080eb53b in do_command (thd=0x8c517f8) at sql_parse.cc:1486
#10 0x080ea6ad in handle_one_connection (arg=0x0) at sql_parse.cc:1137
#11 0x080da060 in create_new_thread (thd=0x8c517f8) at mysqld.cc:3663
#12 0x080da724 in handle_connections_sockets (arg=0x0) at mysqld.cc:3935
[22 Sep 2005 19:02] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

[23 Sep 2005 15:29] Dmitry Lenev
Fixed in 5.0.14. Since bug was introduced in 5.0.14, no ChangeLog entry needed.