Bug #57106 Robustness of memcpy calls in the performance schema
Submitted: 29 Sep 2010 16:04 Modified: 11 Dec 2010 17:05
Reporter: Marc ALFF
Status: Closed
Category: MySQL Server: Performance Schema Severity: S3 (Non-critical)
Version: 5.6 OS: Any
Assigned to: Marc ALFF CPU Architecture: Any

[29 Sep 2010 16:04] Marc ALFF
Description:
This bug is a follow up of:

Bug#56761 Segfault on CHECKSUM TABLE performance_schema.EVENTS_WAITS_HISTORY EXTENDED

The same issue with robustness of calls to memcpy() needs to be fixed for the new tables implemented in 5.6 only: THREADS, SETUP_ACTORS.

The length of a buffer needs to be sanitized before calling memcpy, in table_setup_actors.cc and table_threads.cc

How to repeat:
Read the code

Suggested fix:
Same as bug#56761
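The pattern the report asks for, shown as an added example in C that is not MySQL's code: a row is copied out of a lock-free structure whose length field may be stale or garbage while another thread is changing the record, so the length is validated against both the source buffer and the destination before memcpy is allowed to run. The row layout, the NAME_MAX_LEN size and the sample thread names are constructed for the example; the choice to reject an inconsistent row (rather than clamp it) is an assumption about how a caller would treat invalid data.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model (not MySQL's code) of a performance schema row that a
   reader copies without holding a lock: a fixed-size name buffer plus a
   length field written by another thread. Under a race the length can be
   stale or garbage, which is the "invalid data" the bug report refers to. */
#define NAME_MAX_LEN 64

struct pfs_row {
    char   name[NAME_MAX_LEN];
    size_t name_length;   /* may momentarily disagree with the buffer */
};

/* Robust copy: validate the length against both the source buffer and the
   destination before memcpy. Returns bytes copied, or -1 when the row looks
   inconsistent; the caller then skips the row instead of crashing. */
long copy_name_checked(const struct pfs_row *row, char *dst, size_t dst_size)
{
    size_t len = row->name_length;             /* read the racy field once */
    if (len > NAME_MAX_LEN || len >= dst_size) /* dst needs room for the NUL */
        return -1;
    memcpy(dst, row->name, len);
    dst[len] = '\0';
    return (long) len;
}

/* Fill a constructed row; a garbage or oversized claimed length models a
   torn read of a record that is being rewritten. */
static void set_row(struct pfs_row *row, const char *name, size_t claimed_len)
{
    memset(row, 0, sizeof *row);
    strncpy(row->name, name, NAME_MAX_LEN);
    row->name_length = claimed_len;
}

/* Convenience wrapper for a single row: returns copy_name_checked's result. */
long check_one(const char *name, size_t claimed_len)
{
    struct pfs_row row;
    char dst[NAME_MAX_LEN + 1];
    set_row(&row, name, claimed_len);
    return copy_name_checked(&row, dst, sizeof dst);
}

/* Scan a constructed table of rows the way a SELECT would, counting how many
   the length check rejects. Returns the number of rejected rows and stores
   the number of accepted rows in *good_out when it is non-NULL. */
int scan_rows(int *good_out)
{
    struct pfs_row rows[3];
    char dst[NAME_MAX_LEN + 1];
    int rejected = 0, good = 0;

    set_row(&rows[0], "thread/sql/main", 15);                     /* consistent */
    set_row(&rows[1], "thread/sql/one_connection", (size_t) -1);  /* garbage length */
    set_row(&rows[2], "thread/sql/signal_handler", 200);          /* exceeds buffer */

    for (size_t i = 0; i < 3; i++) {
        if (copy_name_checked(&rows[i], dst, sizeof dst) < 0)
            rejected++;
        else
            good++;
    }
    if (good_out)
        *good_out = good;
    return rejected;
}

int main(void)
{
    int good = 0;
    int rejected = scan_rows(&good);
    printf("accepted %d rows, rejected %d inconsistent rows\n", good, rejected);
    return 0;
}
```

The check reads the length field exactly once, so a value that changes between the comparison and the memcpy cannot reintroduce the overflow; comparing against both the source size and the destination size keeps the same function safe if the two buffers ever differ in size.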
[7 Oct 2010 21:17] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/120308

3321 Marc Alff	2010-10-07
      Bug#57106 Robustness of memcpy calls in the performance schema
      
      Before this fix:
      - SELECT * from SETUP_ACTORS
      - SELECT * from THREADS
      could lead to crashes inside a memcpy,
      because the length of the memory to copy was not checked.
      
      This fix makes these tables more robust to invalid data, which can be produced with edge conditions when the record read is changing.
[7 Oct 2010 23:40] Christopher Powers
Ok to push.
[8 Oct 2010 15:08] Marc ALFF
Pushed into mysql-next-mr-bugfixing
[13 Nov 2010 16:13] Bugs System
Pushed into mysql-trunk 5.6.99-m5 (revid:alexander.nozdrin@oracle.com-20101113155825-czmva9kg4n31anmu) (version source revid:vasil.dimov@oracle.com-20100629074804-359l9m9gniauxr94) (merge vers: 5.6.99-m4) (pib:21)
[13 Nov 2010 16:36] Bugs System
Pushed into mysql-next-mr (revid:alexander.nozdrin@oracle.com-20101113160336-atmtmfb3mzm4pz4i) (version source revid:jimmy.yang@oracle.com-20100804103744-vbpeghipkz6pyc9z) (pib:21)
[11 Dec 2010 17:05] Paul DuBois
Bug not present in any 5.6.x release. No changelog entry needed.