Description:
The function get_binlog_rewrite_db() extracts the to_db name from the list of the from_db and to_db pairs into rewrite_to_db global variable. rewrite_to_db is a pointer which points to the memory where db_to name is stored as a null-terminated string. The memory for storing to_db string is allocated in get_binlog_rewrite_db() function every time when the element with corresponding from_db is found in binlog_rewrite_db container. But there is no place in the code where this memory is deallocated.
How to repeat:
The bellow actions was done on the code from lp:mysql-server repository revision number 6864 tag mysql-5.7.3 with -DCMAKE_BUILD_TYPE=Debug cmake option.
The bug can be repeated by launching mysqlbinlog under valgrind with --replace-db="db1->db2" option with binlog file generated by "mysql-test/suite/binlog/t/binlog_mysqlbinlog_rewrite_db.test" test. To make things easier I will attach this binlog file.
The following is the example of how bug can be repeated:
valgrind --leak-check=full ../client/mysqlbinlog --rewrite-db='db1->db2' /tmp/1/master-bin.000001
...
==2749== 20 bytes in 1 blocks are possibly lost in loss record 1 of 5
==2749== at 0x4C2CD7B: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==2749== by 0x4834A8: my_raw_malloc (my_malloc.c:157)
==2749== by 0x483156: my_malloc (my_malloc.c:48)
==2749== by 0x416D6D: get_binlog_rewrite_db(char const*) (log_event.cc:194)
==2749== by 0x416E4B: rewrite_buffer(char**, int, Format_description_log_event const*) (log_event.cc:239)
==2749== by 0x417A38: Log_event::read_log_event(st_io_cache*, Format_description_log_event const*, char) (log_event.cc:1546)
==2749== by 0x40F10E: dump_local_log_entries(st_print_event_info*, char const*) (mysqlbinlog.cc:2709)
==2749== by 0x40D368: dump_log_entries(char const*) (mysqlbinlog.cc:1954)
==2749== by 0x40F90E: main (mysqlbinlog.cc:2981)
As well there are another memory leaks in valgrind report.
