diff options
| author | unknown <svoj@mysql.com/june.mysql.com> | 2008-03-20 19:07:17 +0400 |
|---|---|---|
| committer | unknown <svoj@mysql.com/june.mysql.com> | 2008-03-20 19:07:17 +0400 |
| commit | 8030bdfc16a647c15e0de5e07b5f53d263ef5ca2 (patch) | |
| tree | 0ea585c816f892e7d7167a1ef6f609196a3a0bb3 | |
| parent | 7343db297a1f1ab08812c9b4471306535551ddec (diff) | |
| download | mariadb-git-8030bdfc16a647c15e0de5e07b5f53d263ef5ca2.tar.gz | |
BUG#34788 - malformed federated connection url is not handled
correctly - crashes server !
Creating federated table with connect string containing empty
(zero-length) host name and port is evaluated as 0 (port is
incorrect, omitted or 0) crashes server.
This happens because federated calls strcmp() with NULL pointer.
Fixed by avoiding strcmp() call if hostname is set to NULL.
mysql-test/r/federated.result:
A test case for BUG#34788.
mysql-test/t/federated.test:
A test case for BUG#34788.
sql/ha_federated.cc:
Fixed that parse_url() may call strcmp() with NULL pointer.
| -rw-r--r-- | mysql-test/r/federated.result | 2 | ||||
| -rw-r--r-- | mysql-test/t/federated.test | 7 | ||||
| -rw-r--r-- | sql/ha_federated.cc | 9 |
3 files changed, 17 insertions, 1 deletions
diff --git a/mysql-test/r/federated.result b/mysql-test/r/federated.result index 3a934e7fe3c..685e4d0c335 100644 --- a/mysql-test/r/federated.result +++ b/mysql-test/r/federated.result @@ -2069,6 +2069,8 @@ a b 1 1 DROP TABLE t1; DROP TABLE t1; +CREATE TABLE t1 (a INT) ENGINE=federated CONNECTION='mysql://@:://'; +DROP TABLE t1; DROP TABLE IF EXISTS federated.t1; DROP DATABASE IF EXISTS federated; DROP TABLE IF EXISTS federated.t1; diff --git a/mysql-test/t/federated.test b/mysql-test/t/federated.test index 934db5cd68b..f33dfa3a1b8 100644 --- a/mysql-test/t/federated.test +++ b/mysql-test/t/federated.test @@ -1738,4 +1738,11 @@ DROP TABLE t1; connection slave; DROP TABLE t1; +# +# BUG#34788 - malformed federated connection url is not handled correctly - +# crashes server ! +# +CREATE TABLE t1 (a INT) ENGINE=federated CONNECTION='mysql://@:://'; +DROP TABLE t1; + source include/federated_cleanup.inc; diff --git a/sql/ha_federated.cc b/sql/ha_federated.cc index c0743bd6c9a..a5e4714c53a 100644 --- a/sql/ha_federated.cc +++ b/sql/ha_federated.cc @@ -643,12 +643,19 @@ static int parse_url(FEDERATED_SHARE *share, TABLE *table, if ((strchr(share->table_name, '/'))) goto error; + /* + If hostname is omitted, we set it to NULL. According to + mysql_real_connect() manual: + The value of host may be either a hostname or an IP address. + If host is NULL or the string "localhost", a connection to the + local host is assumed. + */ if (share->hostname[0] == '\0') share->hostname= NULL; if (!share->port) { - if (strcmp(share->hostname, my_localhost) == 0) + if (!share->hostname || strcmp(share->hostname, my_localhost) == 0) share->socket= my_strdup(MYSQL_UNIX_ADDR, MYF(0)); else share->port= MYSQL_PORT; |