diff options
author | Nirbhay Choubey <nirbhay.choubey@sun.com> | 2011-01-13 15:56:42 +0530 |
---|---|---|
committer | Nirbhay Choubey <nirbhay.choubey@sun.com> | 2011-01-13 15:56:42 +0530 |
commit | cbeb4e7630e7f8d961b3dbb6450c8cc7c160abfe (patch) | |
tree | f436763ab26b388e60eddf53464869fca9b16c21 /client/mysqlslap.c | |
parent | bfd17a8202cca2d884f30ba422f09befdbb0786f (diff) | |
download | mariadb-git-cbeb4e7630e7f8d961b3dbb6450c8cc7c160abfe.tar.gz |
Bug#59109 : mysqlslap crashes on mysql_fetch_row after ignoring
null from mysql_store_result.
mysqlslap segfaults at a point when it tries to fetch rows from
the result set.
Under some circumstances, mysql_store_result can return 'NULL',
even after query execution (mysql_query) succeeds, and eventually
a segfault might occur if same unchecked return value is passed
to mysql_fetch_row.
Fixed by adding a check on mysql_store_result's return value.
Diffstat (limited to 'client/mysqlslap.c')
-rw-r--r-- | client/mysqlslap.c | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/client/mysqlslap.c b/client/mysqlslap.c index b1eafe0082c..3b5c14dd74b 100644 --- a/client/mysqlslap.c +++ b/client/mysqlslap.c @@ -1519,7 +1519,12 @@ generate_primary_key_list(MYSQL *mysql, option_string *engine_stmt) exit(1); } - result= mysql_store_result(mysql); + if (!(result= mysql_store_result(mysql))) + { + fprintf(stderr, "%s: Error when storing result: %d %s\n", + my_progname, mysql_errno(mysql), mysql_error(mysql)); + exit(1); + } primary_keys_number_of= mysql_num_rows(result); /* So why check this? Blackhole :) */ @@ -1891,10 +1896,15 @@ limit_not_met: { if (mysql_field_count(mysql)) { - result= mysql_store_result(mysql); - while ((row = mysql_fetch_row(result))) - counter++; - mysql_free_result(result); + if (!(result= mysql_store_result(mysql))) + fprintf(stderr, "%s: Error when storing result: %d %s\n", + my_progname, mysql_errno(mysql), mysql_error(mysql)); + else + { + while ((row= mysql_fetch_row(result))) + counter++; + mysql_free_result(result); + } } } while(mysql_next_result(mysql) == 0); queries++; |