From 4eb898bb1663ab470a07e8419de4aa14b5afc667 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vicen=C8=9Biu=20Ciorbaru?= <vicentiu@mariadb.org>
Date: Tue, 16 Aug 2016 11:25:11 +0300
Subject: MDEV-10563 Crash during shutdown in
 Master_info_index::any_slave_sql_running

In well defined C code, the "this" pointer is never NULL. Currently, we
were potentially dereferencing a NULL pointer (master_info_index). GCC v6
removes any "if (!this)" conditions as it assumes this is always a
non-null pointer. In order to prevent undefined behaviour, check the
pointer before dereferencing and remove the check within member
functions.
---
 sql/item_func.cc | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'sql/item_func.cc')

diff --git a/sql/item_func.cc b/sql/item_func.cc
index b637213bc2d..9ee1ba4c7a7 100644
--- a/sql/item_func.cc
+++ b/sql/item_func.cc
@@ -3942,7 +3942,7 @@ longlong Item_master_pos_wait::val_int()
   longlong timeout = (arg_count>=3) ? args[2]->val_int() : 0 ;
   String connection_name_buff;
   LEX_STRING connection_name;
-  Master_info *mi;
+  Master_info *mi= NULL;
   if (arg_count >= 4)
   {
     String *con;
@@ -3962,8 +3962,9 @@ longlong Item_master_pos_wait::val_int()
     connection_name= thd->variables.default_master_connection;
 
   mysql_mutex_lock(&LOCK_active_mi);
-  mi= master_info_index->get_master_info(&connection_name,
-                                         Sql_condition::WARN_LEVEL_WARN);
+  if (master_info_index)  // master_info_index is set to NULL on shutdown.
+    mi= master_info_index->get_master_info(&connection_name,
+                                           Sql_condition::WARN_LEVEL_WARN);
   mysql_mutex_unlock(&LOCK_active_mi);
   if (!mi)
     goto err;
-- 
cgit v1.2.1