Bug #1470 Huge memory allocation in mysql_prepare (embedded)
Submitted: 3 Oct 2003 0:42
Modified: 5 Oct 2003 23:29
Reporter: Georg Richter
Status: Closed
Category: MySQL Server: Embedded Library (libmysqld)
Severity: S1 (Critical)
Version: 4.1.1
Assigned to: Alexey Botchkov
CPU Architecture: Any

[3 Oct 2003 0:42] Georg Richter
Description:
If the number of parameters doesn't match in mysql_prepare, stmt->param_count becomes an
incredibly high value (2779096485).

alloc_root(&stmt->mem_root, sizeof(MYSQL_BIND)*(stmt->param_count + stmt->field_count))

will now allocate all this memory :(

How to repeat:
... 
 
mysql_query(mysql, "CREATE TABLE mem_bug (a int, b int)"); 
stmt = mysql_prepare(mysql, "INSERT INTO mem_bug (a,b) VALUES (?)", 100);
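
The reported param_count, 2779096485, is 0xA5A5A5A5, a repeating byte pattern rather than a plausible parameter count. The following added example (not code from the bug report and not the fix MySQL committed) shows the allocation-size expression above wrapping in 32-bit arithmetic, next to a checked variant that rejects such counts before allocating. The example_bind struct, the EXAMPLE_MAX_BINDS cap and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Stand-in for MYSQL_BIND: the real layout is not shown on this page. */
typedef struct { unsigned char opaque[64]; } example_bind;

/* Assumed sanity cap for this example; not a MySQL constant. */
#define EXAMPLE_MAX_BINDS 65535u

/* The report's expression as 32-bit arithmetic: the product silently wraps. */
uint32_t naive_size32(uint32_t param_count, uint32_t field_count)
{
    return (uint32_t)sizeof(example_bind) * (param_count + field_count);
}

/* Checked version: 0 and *bytes on success, -1 if the counts are implausible. */
int checked_size(uint32_t param_count, uint32_t field_count, size_t *bytes)
{
    uint64_t total = (uint64_t)param_count + field_count; /* no wrap in 64 bits */

    if (total > EXAMPLE_MAX_BINDS || total > SIZE_MAX / sizeof(example_bind))
        return -1;
    *bytes = (size_t)total * sizeof(example_bind);
    return 0;
}

/* Allocate the bind array only after the counts pass validation. */
example_bind *alloc_binds(uint32_t param_count, uint32_t field_count)
{
    size_t bytes;

    if (checked_size(param_count, field_count, &bytes) != 0)
        return NULL;                      /* caller fails the prepare instead */
    return calloc(1, bytes ? bytes : 1);  /* avoid an ambiguous zero-size request */
}

int main(void)
{
    uint32_t reported = 2779096485u;      /* param_count value from the report */
    example_bind *ok = alloc_binds(1, 0); /* one placeholder, no result columns */

    printf("reported count = 0x%08X\n", (unsigned)reported);
    printf("naive 32-bit size = %u bytes\n", (unsigned)naive_size32(reported, 0));
    printf("checked alloc for reported count: %s\n",
           alloc_binds(reported, 0) ? "allocated" : "rejected");
    printf("checked alloc for 1 parameter: %s\n", ok ? "allocated" : "rejected");
    free(ok);
    return 0;
}
```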

[3 Oct 2003 0:43] Georg Richter
Assigned to the right Alexey :)

[5 Oct 2003 23:29] Alexey Botchkov
Thank you for your bug report. This issue has been committed to our
source repository of that product and will be incorporated into the
next release.

If necessary, you can access the source repository and build the latest
available version, including the bugfix, yourself. More information 
about accessing the source trees is available at
    http://www.mysql.com/doc/en/Installing_source_tree.html

changeset 1.1613