From a0537faa8b3ad6c0ead04e2e0c4b15a0f974dbbd Mon Sep 17 00:00:00 2001 From: Venkata Sidagam Date: Mon, 21 Jul 2014 11:26:50 +0530 Subject: Bug #17297324 GLIBC DOUBLE FREE OR CORRUPTION WHEN KILLING CLIENT; CTRL+C Description: Sometimes when killing the mysql command line client with KILL -2(SIGINT), mysql client core dumps as a result of a double free or corruption. Analysis: When we run the mysql client in command line mode it will goes to mysql_end() and frees many data structures. At the same time (i.e after some data structures are freed), if we give "KILL -2" signal then the signal will be handled with function handle_kill_signal() and as part of it will again calls mysql_end() and goes with free() to the already freed data structure for batch_readline_end() function, which causes core dump. Fix: Ignoring SIGQUIT and SIGINT signals when cleanup process starts. This will help in resolving the double free issues, which occurs in case the signal handler function is started in between of the clean up function. For 5.6 we need to ignore SIGHUP also. --- client/mysql.cc | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'client') diff --git a/client/mysql.cc b/client/mysql.cc index 6520dce076a..84f5f097f06 100644 --- a/client/mysql.cc +++ b/client/mysql.cc @@ -1242,6 +1242,16 @@ int main(int argc,char *argv[]) sig_handler mysql_end(int sig) { +#ifndef _WIN32 + /* + Ingnoring SIGQUIT and SIGINT signals when cleanup process starts. + This will help in resolving the double free issues, which occures in case + the signal handler function is started in between the clean up function. + */ + signal(SIGQUIT, SIG_IGN); + signal(SIGINT, SIG_IGN); +#endif + mysql_close(&mysql); #ifdef HAVE_READLINE if (!status.batch && !quick && !opt_html && !opt_xml && -- cgit v1.2.1
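Review bot: the two `signal(..., SIG_IGN)` calls at the top of `mysql_end()` narrow the re-entry window but do not close it: a SIGINT or SIGQUIT delivered after `main()` has entered `mysql_end()` but before the `signal()` calls execute still runs `handle_kill_signal()`, which calls `mysql_end()` a second time and reaches the same `free()` of already-freed state in `batch_readline_end()` that the bug report describes. Since `mysql_end()` is reached both from the normal exit path and from a signal handler (and frees memory, which is not async-signal-safe to do from a handler), a re-entrancy guard would be the robust fix: a `static volatile sig_atomic_t` flag tested and set as the first statement of `mysql_end()`, returning early on the second entry, makes cleanup idempotent regardless of delivery timing; the `SIG_IGN` lines can stay as an additional layer. Two smaller points: the commit message says 5.6 also needs SIGHUP ignored, but the hunk only covers SIGQUIT and SIGINT, so the message and the diff should agree on which branch this applies to; and the comment block has typos ("Ingnoring", "occures", "in between the clean up function").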