Bug #23135667: CRASH AFTER DEEPLY NESTED BUILD_EQUAL_ITEMS_FOR_COND

Problem: When build_equal_items_for_cond gets called for a big query recursively, the specified thread_stack_size exceeds. But optimizer does not handle this condition. As a result, server exits. Solution: Check if we exceed specified stack size and if yes exit gracefully by throwing an error.
author: Chaithra Gopalareddy <chaithra.gopalareddy@oracle.com> 2016-08-18 09:56:48 +0530
committer: Chaithra Gopalareddy <chaithra.gopalareddy@oracle.com> 2016-08-18 09:56:48 +0530
commit: 0248fb2e8a3c6a02f443140cfcf68a0190354e23 (patch)
tree: 257a3910614adf6a65f3255001665ca94b10b5a4 /sql/sql_select.cc
parent: 0c6eac64c7d63d1fdf6fa78724b817f03e5d7454 (diff)
download: mariadb-git-0248fb2e8a3c6a02f443140cfcf68a0190354e23.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/sql/sql_select.cc b/sql/sql_select.cc
index fb705e9ba6a..80d4b87e916 100644
--- a/sql/sql_select.cc
+++ b/sql/sql_select.cc
@@ -8154,6 +8154,9 @@ static COND *build_equal_items_for_cond(THD *thd, COND *cond,
   COND_EQUAL cond_equal;
   cond_equal.upper_levels= inherited;
 
+  if (check_stack_overrun(thd, STACK_MIN_SIZE, NULL))
+    return cond;                          // Fatal error flag is set!
+
   if (cond->type() == Item::COND_ITEM)
   {
     List<Item> eq_list;
author	Chaithra Gopalareddy <chaithra.gopalareddy@oracle.com>	2016-08-18 09:56:48 +0530
committer	Chaithra Gopalareddy <chaithra.gopalareddy@oracle.com>	2016-08-18 09:56:48 +0530
commit	0248fb2e8a3c6a02f443140cfcf68a0190354e23 (patch)
tree	257a3910614adf6a65f3255001665ca94b10b5a4 /sql/sql_select.cc
parent	0c6eac64c7d63d1fdf6fa78724b817f03e5d7454 (diff)
download	mariadb-git-0248fb2e8a3c6a02f443140cfcf68a0190354e23.tar.gz