Bug #32318 mysql_fetch_fields() and mysql_fetch_lengths() should return 'const'
Submitted: 13 Nov 2007 13:34 Modified: 14 Nov 2007 9:51
Reporter: Brad House
Status: Verified
Category: MySQL Server: C API (client library) Severity: S3 (Non-critical)
Version: 5.0, 5.1, 6 OS: Any
Assigned to: CPU Architecture: Any
Triage: D4 (Minor)

[13 Nov 2007 13:34] Brad House
Description:
The functions
MYSQL_FIELD *mysql_fetch_fields(MYSQL_RES *result);
and
unsigned long *mysql_fetch_lengths(MYSQL_RES *result);

both return values pointing to internal memory segments which should not be free()'d by the end-user. The documentation does not state this, and the return datatype does not suggest this.

Other functions may be affected in the same way; these are the two main ones I've run across.

How to repeat:
Try to free() the result of mysql_fetch_fields() or mysql_fetch_lengths() and you will get a double-free crash.

Suggested fix:
The return values should be 'const', a la:
const MYSQL_FIELD *mysql_fetch_fields(MYSQL_RES *result);
and
const unsigned long *mysql_fetch_lengths(MYSQL_RES *result);
to let a programmer know they are not to be touched/free()'d.

If that change cannot be made because of API breakage (even though it shouldn't actually cause an ABI break, and would simply add a warning to people storing the result in a non-const variable at compile-time), at a minimum, a note in the documentation for those functions should state not to free the output buffer.
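The ownership rule the report describes, shown as an added example that is not part of the bug report or of the MySQL client library: a miniature result-set API whose accessors hand out const pointers into memory the result owns, so that the only legitimate release path is the result's own free function. The names result_t, field_t, result_new(), result_fields(), result_lengths(), result_free() and sum_row_lengths(), and the two-column sample row, are invented for this illustration. Because free() takes a plain void *, passing one of these const pointers to it makes the compiler report a discarded qualifier, which is exactly the compile-time signal the report asks for.

```c
/* Added example (not from the bug report or the MySQL code base): a miniature
 * result-set API that mirrors the ownership rule behind mysql_fetch_fields()
 * and mysql_fetch_lengths(). All type and function names here are invented. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct {
    const char *name;
    unsigned long max_length;
} field_t;

typedef struct {
    unsigned int num_fields;
    field_t *fields;        /* owned by the result, released in result_free() */
    unsigned long *lengths; /* owned by the result, released in result_free() */
} result_t;

/* Build a constructed result set: two columns and one row ("alice", "42"). */
static result_t *result_new(void) {
    static const char *names[]  = { "user", "age" };
    static const char *values[] = { "alice", "42" };
    result_t *r = calloc(1, sizeof *r);
    if (!r) return NULL;
    r->num_fields = 2;
    r->fields  = calloc(r->num_fields, sizeof *r->fields);
    r->lengths = calloc(r->num_fields, sizeof *r->lengths);
    if (!r->fields || !r->lengths) {
        free(r->fields);
        free(r->lengths);
        free(r);
        return NULL;
    }
    for (unsigned int i = 0; i < r->num_fields; i++) {
        r->fields[i].name = names[i];
        r->lengths[i] = strlen(values[i]);
        r->fields[i].max_length = r->lengths[i];
    }
    return r;
}

/* Accessors return const views into memory the result owns: the caller may
 * read through them but must not modify or free them. */
static const field_t *result_fields(const result_t *r) { return r->fields; }
static const unsigned long *result_lengths(const result_t *r) { return r->lengths; }

/* The only correct way to release the memory behind the accessors. */
static void result_free(result_t *r) {
    if (!r) return;
    free(r->fields);
    free(r->lengths);
    free(r);
}

/* Consume a result the way a client should: read the const views, never free
 * them, and release everything once through result_free(). Returns the total
 * byte length of the row (5 + 2 for the constructed data). */
unsigned long sum_row_lengths(void) {
    result_t *r = result_new();
    if (!r) return 0;
    const field_t *fields = result_fields(r);
    const unsigned long *lengths = result_lengths(r);
    unsigned long total = 0;
    for (unsigned int i = 0; i < r->num_fields; i++) {
        printf("%s: %lu bytes\n", fields[i].name, lengths[i]);
        total += lengths[i];
    }
    /* free(fields); or free(lengths); here would double free once result_free()
     * runs. With const return types the compiler flags such a call, because
     * free() takes a non-const void * and the const qualifier is discarded. */
    result_free(r);
    return total;
}

int main(void) {
    printf("row total: %lu bytes\n", sum_row_lengths());
    return 0;
}
```

The same pattern applies to the real API: treat anything returned by mysql_fetch_fields() or mysql_fetch_lengths() as a borrowed view that lives exactly as long as the MYSQL_RES it came from, and release it only through mysql_free_result().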