From c0cd2742af13c90f117b563e368566ed489b1fca Mon Sep 17 00:00:00 2001
From: Alexey Kopytov <Alexey.Kopytov@sun.com>
Date: Thu, 7 May 2009 18:31:02 +0400
Subject: [PATCH] Bug #41943: mysqlbinlog.exe crashes if --hexdump option is
 used

The --hexdump option crashed mysqlbinlog when used together
with the --read-from-remote-server option due to use of
uninitialized memory.

Since Log_event::print_header() relies on temp_buf to be
initialized when the --hexdump option is present,
dump_remote_log_entries() was fixed to setup temp_buf to point
to the start of a binlog event as done in
dump_local_log_entries().

The root cause of this bug is identical to the one for
bug #17654. The latter was fixed in 5.1 and up, so this
patch is backport of the patches for bug #17654 to 5.0.

Only 5.0 needs a changelog entry.

client/mysqlbinlog.cc:
  Fixed dump_remote_log_entries() so that temp_buf is initialized
  as it may be used later by Log_event::print_header() if the
  --hexdump option is present.
mysql-test/r/mysqlbinlog.result:
  Added a test case for bug #41943.
mysql-test/t/mysqlbinlog.test:
  Added a test case for bug #41943.
---
 client/mysqlbinlog.cc           | 14 ++++++++++++++
 mysql-test/r/mysqlbinlog.result |  2 ++
 mysql-test/t/mysqlbinlog.test   | 10 ++++++++++
 3 files changed, 26 insertions(+)

diff --git a/client/mysqlbinlog.cc b/client/mysqlbinlog.cc
index ed072902730..36b86ae7a96 100644
--- a/client/mysqlbinlog.cc
+++ b/client/mysqlbinlog.cc
@@ -626,6 +626,7 @@ Create_file event for file_id: %u\n",exv->file_id);
       glob_description_event= (Format_description_log_event*) ev;
       print_event_info->common_header_len= glob_description_event->common_header_len;
       ev->print(result_file, print_event_info);
+      ev->temp_buf= 0;
       /*
         We don't want this event to be deleted now, so let's hide it (I
         (Guilhem) should later see if this triggers a non-serious Valgrind
@@ -668,8 +669,16 @@ Begin_load_query event for file_id: %u\n", exlq->file_id);
 
 end:
   rec_count++;
+  /*
+    Destroy the log_event object. If reading from a remote host,
+    set the temp_buf to NULL so that memory isn't freed twice.
+  */
   if (ev)
+  {
+    if (remote_opt)
+      ev->temp_buf= 0;
     delete ev;
+  }
   DBUG_RETURN(0);
 }
 
@@ -1151,6 +1160,11 @@ could be out of memory");
       error= 1;
       goto err;
     }   
+    /*
+      If reading from a remote host, ensure the temp_buf for the
+      Log_event class is pointing to the incoming stream.
+    */
+    ev->register_temp_buf((char *) net->read_pos + 1);
 
     Log_event_type type= ev->get_type_code();
     if (glob_description_event->binlog_version >= 3 ||
diff --git a/mysql-test/r/mysqlbinlog.result b/mysql-test/r/mysqlbinlog.result
index 23244d2b3c4..4cb8eb29f19 100644
--- a/mysql-test/r/mysqlbinlog.result
+++ b/mysql-test/r/mysqlbinlog.result
@@ -380,4 +380,6 @@ IS NOT NULL
 1
 *** Unsigned server_id 4294967295 is found: 1 ***
 SET @@global.server_id= 1;
+RESET MASTER;
+FLUSH LOGS;
 End of 5.0 tests
diff --git a/mysql-test/t/mysqlbinlog.test b/mysql-test/t/mysqlbinlog.test
index 1ca07a40df1..dd45f499866 100644
--- a/mysql-test/t/mysqlbinlog.test
+++ b/mysql-test/t/mysqlbinlog.test
@@ -294,4 +294,14 @@ echo *** Unsigned server_id $s_id_max is found: $s_id_unsigned ***;
 eval SET @@global.server_id= $save_server_id;
 --remove_file $binlog_file
 
+#
+# Bug #41943: mysqlbinlog.exe crashes if --hexdump option is used
+#
+
+RESET MASTER;
+FLUSH LOGS;
+
+# We do not need the results, just make sure that mysqlbinlog does not crash
+--exec $MYSQL_BINLOG --hexdump --read-from-remote-server --user=root --host=127.0.0.1 --port=$MASTER_MYPORT  master-bin.000001 >/dev/null
+
 --echo End of 5.0 tests