Bug #93851 | Buffer underflow in fix_paths | ||
---|---|---|---|
Submitted: | 8 Jan 2019 12:15 | Modified: | 9 Jan 2019 7:55 |
Reporter: | Zsolt Parragi (OCA) | Email Updates: | |
Status: | Verified | Impact on me: | |
Category: | MySQL Server: Options | Severity: | S3 (Non-critical) |
Version: | 5.7, not 8.0 | OS: | Any |
Assigned to: | CPU Architecture: | Any |
[8 Jan 2019 12:15]
Zsolt Parragi
[9 Jan 2019 7:36]
Laurynas Biveinis
The commit to backport would be commit ce1fd349764018574ba6c7dc000dbc73279222bd Author: Dyre Tjeldvoll <Dyre.Tjeldvoll@oracle.com> Date: Fri Apr 21 10:48:26 2017 +0200 Bug#25914296: OUT-OF-BOUNDS READ IN MYSQLD.CC FIX_PATHS Problem: Using --basedir= would result in an out-of-bounds read ASAN error. Root cause was a failure to check if mysql_home is empty when checking if mysql_home ends with FN_LIBCHAR. The test used, strend(mysql_home)[-1]==FN_LIBCHAR, leads to out-of-bounds read when mysql_home is empty and strend(mysql_home)==mysql_home. Solution: Add a separate check for strend(mysql_home)==mysql_home.
[9 Jan 2019 7:55]
MySQL Verification Team
Hello Zsolt Parragi, Thank you for the report. Thanks, Umesh