mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-17 20:42:30 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mariadb/libmysql
History
Harin Vadodaria 3d8134d2c9 Bug#25988681: USE-AFTER-FREE IN MYSQL_STMT_CLOSE() 
Description: If mysql_stmt_close() encountered error,
             it recorded error in prepared statement
             but then frees memory assigned to prepared
             statement. If mysql_stmt_error() is used
             to get error information, it will result
             into use after free.

             In all cases where mysql_stmt_close() can
             fail, error would have been set by
             cli_advanced_command in MYSQL structure.

Solution: Don't copy error from MYSQL using set_stmt_errmsg.
          There is no automated way to test the fix since
          it is in mysql_stmt_close() which does not expect
          any reply from server.

Reviewed-By: Georgi Kodinov <georgi.kodinov@oracle.com>
Reviewed-By: Ramil Kalimullin <ramil.kalimullin@oracle.com>
2017-05-23 07:14:33 +02:00
..
authentication_win Backport from trunk: 2014-05-07 17:09:14 +02:00
client_settings.h Bug#12897501 REPLICATION DOES NOT SUPPORT WINDOWS AUTH PLUG-IN 2011-09-14 16:10:18 +02:00
CMakeLists.txt Backport from trunk: 2014-05-07 17:09:14 +02:00
conf_to_src.c Bug#21973610: BUFFER OVERFLOW ISSUES 2015-11-06 16:41:55 +05:30
errmsg.c BUG#18080920: CRASH; MY_REALLOC_STR DEREFERENCES NEGATIVE VALUE 2014-04-24 09:30:21 +05:30
get_password.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
libmysql.c Bug#25988681: USE-AFTER-FREE IN MYSQL_STMT_CLOSE() 2017-05-23 07:14:33 +02:00
libmysql.def Bug #12325444 : 60746: CLIENT_PLUGIN.H IS BROKEN 2011-04-06 17:31:26 +03:00
libmysql.ver.in BUG#3074: Unversioned symbols in shared library 2006-01-17 18:51:08 +04:00