| Bug #90171 | SQLDriverConnect with option _no_i_s, SQLTables() may double free stmt->result | ||
|---|---|---|---|
| Submitted: | 22 Mar 2018 7:11 | Modified: | 9 Aug 2022 10:07 |
| Reporter: | Qingshun Luo | Email Updates: | |
| Status: | Unsupported | Impact on me: | |
| Category: | Connector / ODBC | Severity: | S1 (Critical) |
| Version: | 5.3.10 | OS: | Linux |
| Assigned to: | CPU Architecture: | Any | |
| Tags: | _no_i_s, SQLTables | ||
[27 Mar 2018 13:43]
Chiranjeevi Battula
Hello qingshun luo, Thank you for the bug report. Verified based on internal discussion with dev's. Thanks, Chiranjeevi.
[9 Aug 2022 10:07]
Bogdan Degtyariov
Posted by developer: This can be a bug in the implementation of NO_I_S functionality. However, we are not going to fix this because the current plan is to remove this functionality alltogether (see WL#14586 and WL#15150). Note also that we are not fixing bugs in version 5.3 of the driver. Workaround would be not to use the NO_I_S option.
Description: Run test program "my_catalog1" provided by Connector/ODBC 5.3.10 to verify compile results. First, execute SQLDriverConnect with "OPTION=1073741824;" in connIn to connect MySQL database, which means OPTION value is 0x40000000. Then test program execute "SQLTables(hstmt, (SQLCHAR *)"%", SQL_NTS, NULL, 0, NULL, 0, NULL, 0);". Test program cores here, beacause stmt->result is double freed in function tables_no_i_s. How to repeat: Run test t_sqltables in program "my_catalog1" provided by Connector/ODBC 5.3.10. //connIn contains a full connection string int myoption = 0; myoption |= (1 << 30); SQLCHAR option[64]; sprintf((char *)option, "OPTION=%d;", myoption); strcat(connIn, option); retcode = SQLDriverConnect( hdbc, NULL, connIn, SQL_NTS, outConn, MAX_LEN, &outConnLen, SQL_DRIVER_NOPROMPT ); //SQLAllocHandle(SQL_HANDLE_STMT, *hdbc, hstmt); retcode = SQLTables(hstmt, (SQLCHAR *)"%", SQL_NTS, NULL, 0, NULL, 0, NULL, 0); mystmt(hstmt,r); Suggested fix: Set stmt->result NULL after mysql_free_result(stmt->result), in function tables_no_i_s.