diff options
| author | unknown <thek@adventure.(none)> | 2007-11-19 17:59:44 +0100 |
|---|---|---|
| committer | unknown <thek@adventure.(none)> | 2007-11-19 17:59:44 +0100 |
| commit | bb681dbc883343ed2c503c15833720f8da499317 (patch) | |
| tree | 38840a14fc2e8e497e55ade1ff13ac6ef617c0d5 /sql/mysqld.cc | |
| parent | f4b6234c489c4b8c3242828953b8ae71e5653c59 (diff) | |
| download | mariadb-git-bb681dbc883343ed2c503c15833720f8da499317.tar.gz | |
Bug #31153 calling stored procedure crashes server if available memory is low
When the server was out of memory it crashed because of invalid memory access.
This patch adds detection for failed memory allocations and make the server
output a proper error message.
sql/mysqld.cc:
Don't try to push_warning from within push_warning. It will cause a recursion
until the stack is consumed.
If my_net_init fails (for example: because of OOM) the temporary vio object
might have been attached to the thd object already. This will cause a double
free on the vio object when the thd object is deleted later on and the server
will crash.
sql/sp_head.cc:
Added check for out-of-memory on a 'new' operation.
Refactored reset_lex method to return a error state code instead of void.
Initialize the mem-root with init_sql_alloc to get a basic error handler for
memory allocation problems. This alone won't prevent the server from crashing,
NULL pointers have to be accounted for as well.
sql/sp_head.h:
Use the throw() clause in operator new, to indicate to the compiler that
memory allocation can fail and return NULL, so that the compiler should
generate code to check for NULL before invoking C++ constructors, to be
crash safe.
sql/sql_base.cc:
Use init_sql_alloc to get basic out-of-memory error handling.
sql/sql_lex.h:
Use the throw() clause in operator new, to indicate to the compiler that
memory allocation can fail and return NULL, so that the compiler should
generate code to check for NULL before invoking C++ constructors, to be
crash safe.
sql/sql_prepare.cc:
Use init_sql_alloc to get basic out-of-memory error handling.
sql/sql_yacc.yy:
Check for memory allocation failures where it matters.
Diffstat (limited to 'sql/mysqld.cc')
| -rw-r--r-- | sql/mysqld.cc | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/sql/mysqld.cc b/sql/mysqld.cc index 08c2b60fa79..89d7f3272ad 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc @@ -2489,7 +2489,12 @@ static int my_message_sql(uint error, const char *str, myf MyFlags) thd->query_error= 1; // needed to catch query errors during replication if (!thd->no_warnings_for_error) + { + thd->no_warnings_for_error= TRUE; push_warning(thd, MYSQL_ERROR::WARN_LEVEL_ERROR, error, str); + thd->no_warnings_for_error= FALSE; + } + /* thd->lex->current_select == 0 if lex structure is not inited (not query command (COM_QUERY)) @@ -4295,8 +4300,13 @@ pthread_handler_t handle_connections_sockets(void *arg __attribute__((unused))) sock == unix_sock ? VIO_LOCALHOST: 0)) || my_net_init(&thd->net,vio_tmp)) { - if (vio_tmp) - vio_delete(vio_tmp); + /* + Only delete the temporary vio if we didn't already attach it to the + NET object. The destructor in THD will delete any initialized net + structure. + */ + if (vio_tmp && thd->net.vio != vio_tmp) + vio_delete(vio_tmp); else { (void) shutdown(new_sock, SHUT_RDWR); |