diff options
| author | Marko Mäkelä <marko.makela@mariadb.com> | 2019-10-29 18:20:32 +0200 |
|---|---|---|
| committer | Marko Mäkelä <marko.makela@mariadb.com> | 2019-10-29 18:20:32 +0200 |
| commit | bef843b97f2e91859f2a08845822d619e769f89f (patch) | |
| tree | a0db144a096e936ac70b3f46ab21e93576766f3e /storage/innobase/trx | |
| parent | cb14d2e1a5f682a413943294b8137d35ba948a1d (diff) | |
| download | mariadb-git-bef843b97f2e91859f2a08845822d619e769f89f.tar.gz | |
MDEV-20917 InnoDB is passing NULL to nonnull function parameters
mem_heap_dup(): Avoid mem_heap_alloc() and memcpy() of data=NULL, len=0.
trx_undo_report_insert_virtual(), trx_undo_page_report_insert(),
trx_undo_page_report_modify(): Avoid memcpy(ptr, NULL, 0).
dfield_data_is_binary_equal(): Correctly handle data=NULL, len=0.
rec_init_offsets_temp(): Do allow def_val=NULL in the interface.
This clean-up was motivated by WITH_UBSAN, and no bug related to this
was observed in the wild. It should be noted that undefined behaviour
such as memcpy(ptr, NULL, 0) could allow compilers to perform unsafe
optimizations, like it was the case in
commit fc168c3a5e58d8b364a2e87e0d876a261ec7fced (MDEV-15587).
Diffstat (limited to 'storage/innobase/trx')
| -rw-r--r-- | storage/innobase/trx/trx0rec.cc | 40 |
1 files changed, 23 insertions, 17 deletions
diff --git a/storage/innobase/trx/trx0rec.cc b/storage/innobase/trx/trx0rec.cc index 44b9f056770..901dd90c005 100644 --- a/storage/innobase/trx/trx0rec.cc +++ b/storage/innobase/trx/trx0rec.cc @@ -421,9 +421,15 @@ trx_undo_report_insert_virtual( const dfield_t* vfield = dtuple_get_nth_v_field( row, col->v_pos); - ulint flen = vfield->len; + switch (ulint flen = vfield->len) { + case 0: case UNIV_SQL_NULL: + if (trx_undo_left(undo_block, *ptr) < 5) { + return(false); + } - if (flen != UNIV_SQL_NULL) { + *ptr += mach_write_compressed(*ptr, flen); + break; + default: ulint max_len = dict_max_v_field_len_store_undo( table, col_no); @@ -438,14 +444,8 @@ trx_undo_report_insert_virtual( } *ptr += mach_write_compressed(*ptr, flen); - ut_memcpy(*ptr, vfield->data, flen); + memcpy(*ptr, vfield->data, flen); *ptr += flen; - } else { - if (trx_undo_left(undo_block, *ptr) < 5) { - return(false); - } - - *ptr += mach_write_compressed(*ptr, flen); } } } @@ -524,13 +524,16 @@ trx_undo_page_report_insert( ptr += mach_write_compressed(ptr, flen); - if (flen != UNIV_SQL_NULL) { + switch (flen) { + case 0: case UNIV_SQL_NULL: + break; + default: if (trx_undo_left(undo_block, ptr) < flen) { return(0); } - ut_memcpy(ptr, dfield_get_data(field), flen); + memcpy(ptr, dfield_get_data(field), flen); ptr += flen; } } @@ -998,7 +1001,7 @@ trx_undo_page_report_modify( return(0); } - ut_memcpy(ptr, field, flen); + memcpy(ptr, field, flen); ptr += flen; } } @@ -1129,7 +1132,7 @@ trx_undo_page_report_modify( return(0); } - ut_memcpy(ptr, field, flen); + memcpy(ptr, field, flen); ptr += flen; } @@ -1154,7 +1157,7 @@ trx_undo_page_report_modify( return(0); } - ut_memcpy(ptr, field, flen); + memcpy(ptr, field, flen); ptr += flen; } } @@ -1303,7 +1306,7 @@ trx_undo_page_report_modify( return(0); } - ut_memcpy(ptr, field, flen); + memcpy(ptr, field, flen); ptr += flen; } @@ -1388,13 +1391,16 @@ already_logged: ptr += mach_write_compressed(ptr, flen); - if (flen != UNIV_SQL_NULL) { + switch (flen) { + case 0: case UNIV_SQL_NULL: + break; + default: if (trx_undo_left(undo_block, ptr) < flen) { return(0); } - ut_memcpy(ptr, field, flen); + memcpy(ptr, field, flen); ptr += flen; } } |