Description:
If I run "mysql </dev/null", I get a segfault from the client binary:
$ mysql --version
mysql Ver 14.12 Distrib 5.0.54, for pc-linux-gnu (x86_64) using readline 5.2
$ mysql </dev/null
Segmentation fault
$ gdb mysql
(gdb) run </dev/null
[...]
Program received signal SIGSEGV, Segmentation fault.
read_and_execute (interactive=false) at mysql.cc:1062
(gdb) bt
#0 read_and_execute (interactive=false) at mysql.cc:1062
#1 0x000000000040b98c in main (argc=9, argv=0x6173a8) at mysql.cc:499
(gdb) list
1057 Skip UTF8 Byte Order Marker (BOM) 0xEFBBBF.
1058 Editors like "notepad" put this marker in
1059 the very beginning of a text file when
1060 you save the file using "Unicode UTF-8" format.
1061 */
1062 if (!line_number &&
1063 (uchar) line[0] == 0xEF &&
1064 (uchar) line[1] == 0xBB &&
1065 (uchar) line[2] == 0xBF)
1066 line+= 3;
(gdb) p line_number
$1 = 0
(gdb) p line[0]
Cannot access memory at address 0x0
(gdb) p line[1]
Cannot access memory at address 0x1
(gdb) p line[2]
Cannot access memory at address 0x2
The problem appears to be that this logic isn't testing for "line" being NULL before dereferencing it.
How to repeat:
Run "mysql </dev/null" (with appropriate connection options to actually connect to a database if necessary).
Suggested fix:
Add "line &&" to the start of that conditional.
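As an added illustration (not MySQL's own code), the BOM-skip check with the suggested "line &&" guard, driven by a constructed input source that returns NULL at EOF the way readline() does when stdin is /dev/null; the function names skip_utf8_bom and process_stream and the sample lines are hypothetical.

```c
/* Added example, not code from mysql.cc: the BOM-skip conditional with the
 * missing NULL guard, exercised against a NULL "line" as returned at EOF. */
#include <stddef.h>
#include <string.h>

typedef unsigned char uchar;

/* Return the line with a leading UTF-8 BOM (0xEF 0xBB 0xBF) removed, but only
 * on the very first line. A NULL line means end of input and is passed through
 * untouched instead of being dereferenced (the original crash). */
const char *skip_utf8_bom(const char *line, unsigned long line_number)
{
    if (line &&                    /* the guard the report asks for */
        !line_number &&
        (uchar) line[0] == 0xEF &&
        (uchar) line[1] == 0xBB &&
        (uchar) line[2] == 0xBF)
        line += 3;
    return line;
}

/* Constructed sample input. A NULL entry plays the role of readline()/fgets()
 * returning NULL at EOF; the BOM on line 2 must be left alone. */
static const char *const sample_lines[] = {
    "\xEF\xBB\xBF" "SELECT 1;",   /* saved by an editor that writes a BOM */
    "\xEF\xBB\xBF" "SELECT 2;",   /* not line 0: BOM must survive */
    "SELECT 3;",
    NULL                          /* EOF, e.g. "mysql </dev/null" */
};

/* Drive the loop the way read_and_execute() would: fetch a line, strip a
 * first-line BOM, stop cleanly on NULL. Returns the number of lines handed
 * on for execution and copies the first processed line into first_out. */
int process_stream(const char *const *lines, char *first_out, size_t out_sz)
{
    int line_number = 0;
    for (;; line_number++) {
        const char *line = skip_utf8_bom(lines[line_number],
                                         (unsigned long) line_number);
        if (!line)
            break;                 /* EOF reached: no dereference happened */
        if (line_number == 0 && first_out && out_sz > 0) {
            strncpy(first_out, line, out_sz - 1);
            first_out[out_sz - 1] = '\0';
        }
    }
    return line_number;
}
```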