diff options
author | Andrei <andrei.elkin@mariadb.com> | 2022-08-30 00:26:20 +0300 |
---|---|---|
committer | Andrei <andrei.elkin@mariadb.com> | 2022-09-07 20:35:43 +0300 |
commit | 5563202089e78855ad9295a3526a70e766d8a42d (patch) | |
tree | 6915bcd142b3b73ab59e4f07251fd627da09fb64 /sql/log_event.h | |
parent | 80cf7a4c43209a91ac6514ac3ea0dd0b592e17f0 (diff) | |
download | mariadb-git-5563202089e78855ad9295a3526a70e766d8a42d.tar.gz |
MDEV-29322 ASAN heap-use-after-free in Query_log_event::do_apply_event
The ASAN report was made in the parallel slave execution of a query
event and implicitly involved (so also parallelly run) Format-Description
event.
The Query actually had unexpected impossible dependency on a preceding
"old" FD whose instance got destructed, to cause the ASAN error.
The case is fixed with storing the FD's value into Query-log-event
at its instantiating on slave. The stored value is from the very
FD of the Query's original binlog so remains to be correct
at the query event applying.
The branch C. of a new rpl_parallel_29322.test also demonstrates
(may need few --repeat though) the bug in its simple form of the same
server version binlog.
Diffstat (limited to 'sql/log_event.h')
-rw-r--r-- | sql/log_event.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sql/log_event.h b/sql/log_event.h index 4c2ee3e484e..096d8587848 100644 --- a/sql/log_event.h +++ b/sql/log_event.h @@ -2088,7 +2088,7 @@ public: flags2==0 (5.0 master, we know this has a meaning of flags all down which must influence the query). */ - bool flags2_inited; + uint32 flags2_inited; bool sql_mode_inited; bool charset_inited; |