From a40ea266e6c658dd9154ad29d7841ed4f2534901 Mon Sep 17 00:00:00 2001
From: Venkata Sidagam
Date: Thu, 10 Jan 2013 16:37:20 +0530
Subject: Bug #14553380 MYSQL C API LIBRARY EXITS AT NET_CLEAR AT NET_SERV.CC:223

Problem description: When the client loses the connection to the MySQL server, or if the server gets shut down after mysql_stmt_prepare(), then the next mysql_stmt_prepare() will return an error (as expected), but the consecutive call to mysql_stmt_execute() will crash the client program. The expected behavior would be that it should throw an error.

Analysis: mysql_stmt_prepare() in turn calls the function end_server(), and net->vio and net->buff are freed and set to NULL. Then the next call, mysql_stmt_execute(), will in turn call net_clear(), where we are "net->vio" without validating it.

Fix: we are validating net->vio before calling net_clear().
---
libmysql/libmysql.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
(limited to 'libmysql')

diff --git a/libmysql/libmysql.c b/libmysql/libmysql.c index ed1a85f86b4..a6bb617132f 100644 --- a/libmysql/libmysql.c +++ b/libmysql/libmysql.c @@ -2107,7 +2107,14 @@ int cli_stmt_execute(MYSQL_STMT *stmt) DBUG_RETURN(1); } - net_clear(net, 1); /* Sets net->write_pos */ + if (net->vio) + net_clear(net, 1); /* Sets net->write_pos */ + else + { + set_stmt_errmsg(stmt, net); + DBUG_RETURN(1); + } + /* Reserve place for null-marker bytes */ null_count= (stmt->param_count+7) /8; if (my_realloc_str(net, null_count + 1)) -- cgit v1.2.1
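Review bot: The new else branch in cli_stmt_execute() reports the failure through set_stmt_errmsg(stmt, net), which takes its error from net, so the message the caller sees depends on the earlier failed mysql_stmt_prepare() having left an error there. Setting an explicit lost-connection error on the statement in this branch would make the result independent of that earlier state. The guard `if (net->vio)` is also added at this one call site, while the commit message says the unchecked access is inside net_clear() itself; a NULL check (or an assertion) in net_clear() would cover any other caller that can run after end_server(). The diffstat shows only libmysql/libmysql.c changed, so a regression test for the prepare, disconnect, prepare, execute sequence is missing. As a style point, returning early on `!net->vio` would avoid the mixed braced and unbraced if/else.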