diff options
| author | Sujatha <sujatha.sivakumar@mariadb.com> | 2020-01-24 13:35:03 +0530 |
|---|---|---|
| committer | Sujatha <sujatha.sivakumar@mariadb.com> | 2020-01-24 13:35:03 +0530 |
| commit | 599a06098b967db3d636c1053bdbdd0011cba606 (patch) | |
| tree | 7a753100c587c097e3ac9a3e3ecbe6be938c551e /sql/log_event.h | |
| parent | 982294ac1680938ac9223fb64a64e21f0cbc322a (diff) | |
| download | mariadb-git-599a06098b967db3d636c1053bdbdd0011cba606.tar.gz | |
MDEV-21490: binlog tests fail with valgrind: Conditional jump or move depends on uninitialised value in sql_ex_info::init
Problem:
=======
P1) Conditional jump or move depends on uninitialised value(s)
sql_ex_info::init(char const*, char const*, bool) (log_event.cc:3083)
code: All the following variables are not initialized.
----
return ((cached_new_format != -1) ? cached_new_format :
(cached_new_format=(field_term_len > 1 || enclosed_len > 1 ||
line_term_len > 1 || line_start_len > 1 || escaped_len > 1)));
P2) Conditional jump or move depends on uninitialised value(s)
Rows_log_event::Rows_log_event(char const*, unsigned
int, Format_description_log_event const*) (log_event.cc:9571)
Code: Uninitialized values is reported for 'var_header_len' variable.
----
if (var_header_len < 2 || event_len < static_cast<unsigned
int>(var_header_len + (post_start - buf)))
P3) Conditional jump or move depends on uninitialised value(s)
Table_map_log_event::pack_info(Protocol*) (log_event.cc:11553)
code:'m_table_id' is uninitialized.
----
void Table_map_log_event::pack_info(Protocol *protocol)
...
size_t bytes= my_snprintf(buf, sizeof(buf), "table_id: %lu (%s.%s)",
m_table_id, m_dbnam, m_tblnam);
Fix:
===
P1 - Fix)
Initialize cached_new_format,field_term_len, enclosed_len, line_term_len,
line_start_len, escaped_len members in default constructor.
P2 - Fix)
"var_header_len" is initialized by reading the event buffer. In case of an
invalid event the buffer will contain invalid data. Hence added a check to
validate the event data. If event_len is smaller than valid header length
return immediately.
P3 - Fix)
'm_table_id' within Table_map_log_event is initialized by reading data from
the event buffer. Use 'VALIDATE_BYTES_READ' macro to validate the current
state of the buffer. If it is invalid return immediately.
Diffstat (limited to 'sql/log_event.h')
| -rw-r--r-- | sql/log_event.h | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/sql/log_event.h b/sql/log_event.h index 2c8dc3d7353..1337e9a7d69 100644 --- a/sql/log_event.h +++ b/sql/log_event.h @@ -2057,7 +2057,15 @@ public: /* !!! Public in this patch to allow old usage */ ****************************************************************************/ struct sql_ex_info { - sql_ex_info() {} /* Remove gcc warning */ + sql_ex_info(): + cached_new_format(-1), + field_term_len(0), + enclosed_len(0), + line_term_len(0), + line_start_len(0), + escaped_len(0), + empty_flags(0) + {} /* Remove gcc warning */ const char* field_term; const char* enclosed; const char* line_term; |