diff options
author | Shishir Jaiswal <shishir.j.jaiswal@oracle.com> | 2015-07-08 11:53:54 +0530 |
---|---|---|
committer | Shishir Jaiswal <shishir.j.jaiswal@oracle.com> | 2015-07-08 11:53:54 +0530 |
commit | bf681d6bb341411a8b17abeda8e723368545d48d (patch) | |
tree | 88c918ba447c871d976bdf58d0515fbf715cfa24 /client | |
parent | 359f102ad157adaacc904a1c81f5ddcb9ce3662b (diff) | |
download | mariadb-git-bf681d6bb341411a8b17abeda8e723368545d48d.tar.gz |
Bug #20802751 - SEGMENTATION FAILURE WHEN RUNNING
MYSQLADMIN -U ROOT -P
DESCRIPTION
===========
Crash occurs when no command is given while executing
mysqladmin utility.
ANALYSIS
========
In mask_password() the final write to array 'temp_argv'
is done without checking if corresponding index 'argc'
is valid (non-negative) or not. In case its negative
(would happen when this function is called with 'argc'=0),
it may cause a SEGFAULT. Logically in such a case,
mask_password() should not have been called as it would do
no valid thing.
FIX
===
mask_password() is now called after checking 'argc'. This
function is now called only when 'argc' is positive
otherwise the process terminates
Diffstat (limited to 'client')
-rw-r--r-- | client/mysqladmin.cc | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/client/mysqladmin.cc b/client/mysqladmin.cc index 2a1f8b521f0..e8bb4a1a27c 100644 --- a/client/mysqladmin.cc +++ b/client/mysqladmin.cc @@ -1,5 +1,5 @@ /* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -319,8 +319,6 @@ int main(int argc,char *argv[]) free_defaults(save_argv); exit(ho_error); } - temp_argv= mask_password(argc, &argv); - temp_argc= argc; if (debug_info_flag) my_end_arg= MY_CHECK_ERROR | MY_GIVE_INFO; @@ -332,6 +330,10 @@ int main(int argc,char *argv[]) usage(); exit(1); } + + temp_argv= mask_password(argc, &argv); + temp_argc= argc; + commands = temp_argv; if (tty_password) opt_password = get_tty_password(NullS); |