mirror of
https://github.com/MariaDB/server.git
synced 2025-01-20 05:52:27 +01:00
dc91bc74c7
When running mysqlbinlog on a 64-bit machine with a corrupt relay log, it causes mysqlbinlog to crash. In this case, the crash is caused because a request for 18446744073709534806U bytes is issued, which apparantly can be served on a 64-bit machine (speculatively, I assume) but this causes the memcpy() issued later to copy the data to segfault. The request for the number of bytes is caused by a computation of data_len - server_vars_len where server_vars_len is corrupt in such a sense that it is > data_len. This causes a wrap-around, with the the data_len given above. This patch adds a check that if server_vars_len is greater than data_len before the substraction, and aborts reading the event in that case marking the event as invalid. It also adds checks to see that reading the server variables does not go outside the bounds of the available space, giving a limited amount of integrity check. mysql-test/r/mysqlbinlog.result: Result change. mysql-test/t/mysqlbinlog.test: Adding test that it fails gracefully for a corrupt relay log. sql/log_event.cc: Adding check that status var length does not cause wrap-around when performing subtraction. Extending get_str_len_and_pointer() to check that the string can actually be read without reading outside bounds. Adding checks when reading server variables from the Query- log_event so that the variable can really be read. Abort reading and mark the event as invalid otherwise. mysql-test/std_data/corrupt-relay-bin.000624: BitKeeper file /home/mats/devel/b31793-mysql-5.0-rpl/mysql-test/std_data/corrupt-relay-bin.000624
244 lines
8.3 KiB
Text
244 lines
8.3 KiB
Text
# We are using .opt file since we need small binlog size
|
||
|
||
-- source include/have_log_bin.inc
|
||
|
||
# we need this for getting fixed timestamps inside of this test
|
||
set timestamp=1000000000;
|
||
|
||
--disable_warnings
|
||
drop table if exists t1,t2,t3,t4,t5,t03,t04;
|
||
--enable_warnings
|
||
|
||
create table t1 (word varchar(20));
|
||
create table t2 (id int auto_increment not null primary key);
|
||
|
||
# simple test for simple statement and various events
|
||
insert into t1 values ("abirvalg");
|
||
insert into t2 values ();
|
||
# Should be uncommented in 4.1
|
||
# set @a:=1
|
||
# insert into t2 values (@a);
|
||
|
||
# test for load data and load data distributed among the several
|
||
# files (we need to fill up first binlog)
|
||
load data infile '../std_data_ln/words.dat' into table t1;
|
||
load data infile '../std_data_ln/words.dat' into table t1;
|
||
load data infile '../std_data_ln/words.dat' into table t1;
|
||
load data infile '../std_data_ln/words.dat' into table t1;
|
||
load data infile '../std_data_ln/words.dat' into table t1;
|
||
# simple query to show more in second binlog
|
||
insert into t1 values ("Alas");
|
||
flush logs;
|
||
|
||
# delimiters are for easier debugging in future
|
||
--disable_query_log
|
||
select "--- Local --" as "";
|
||
--enable_query_log
|
||
|
||
#
|
||
# We should use --short-form everywhere because in other case output will
|
||
# be time dependend. Better than nothing.
|
||
#
|
||
|
||
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
||
--exec $MYSQL_BINLOG --short-form --local-load=$MYSQLTEST_VARDIR/tmp/ $MYSQLTEST_VARDIR/log/master-bin.000001
|
||
|
||
# this should not fail but shouldn't produce any working statements
|
||
--disable_query_log
|
||
select "--- Broken LOAD DATA --" as "";
|
||
--enable_query_log
|
||
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
||
--exec $MYSQL_BINLOG --short-form --local-load=$MYSQLTEST_VARDIR/tmp/ $MYSQLTEST_VARDIR/log/master-bin.000002 2> /dev/null
|
||
|
||
# this should show almost nothing
|
||
--disable_query_log
|
||
select "--- --database --" as "";
|
||
--enable_query_log
|
||
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
||
--exec $MYSQL_BINLOG --short-form --local-load=$MYSQLTEST_VARDIR/tmp/ --database=nottest $MYSQLTEST_VARDIR/log/master-bin.000001 2> /dev/null
|
||
|
||
# this test for position option
|
||
--disable_query_log
|
||
select "--- --position --" as "";
|
||
--enable_query_log
|
||
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
||
--exec $MYSQL_BINLOG --short-form --local-load=$MYSQLTEST_VARDIR/tmp/ --position=231 $MYSQLTEST_VARDIR/log/master-bin.000002
|
||
|
||
# These are tests for remote binlog.
|
||
# They should return the same as previous test.
|
||
|
||
--disable_query_log
|
||
select "--- Remote --" as "";
|
||
--enable_query_log
|
||
|
||
# This is broken now
|
||
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
||
--exec $MYSQL_BINLOG --short-form --local-load=$MYSQLTEST_VARDIR/tmp/ --read-from-remote-server --user=root --host=127.0.0.1 --port=$MASTER_MYPORT master-bin.000001
|
||
|
||
# This is broken too
|
||
--disable_query_log
|
||
select "--- Broken LOAD DATA --" as "";
|
||
--enable_query_log
|
||
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
||
--exec $MYSQL_BINLOG --short-form --local-load=$MYSQLTEST_VARDIR/tmp/ --read-from-remote-server --user=root --host=127.0.0.1 --port=$MASTER_MYPORT master-bin.000002 2> /dev/null
|
||
|
||
# And this too ! (altough it is documented)
|
||
--disable_query_log
|
||
select "--- --database --" as "";
|
||
--enable_query_log
|
||
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
||
--exec $MYSQL_BINLOG --short-form --local-load=$MYSQLTEST_VARDIR/tmp/ --read-from-remote-server --user=root --host=127.0.0.1 --port=$MASTER_MYPORT --database=nottest master-bin.000001 2> /dev/null
|
||
|
||
# Strangely but this works
|
||
--disable_query_log
|
||
select "--- --position --" as "";
|
||
--enable_query_log
|
||
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
||
--exec $MYSQL_BINLOG --short-form --local-load=$MYSQLTEST_VARDIR/tmp/ --read-from-remote-server --position=231 --user=root --host=127.0.0.1 --port=$MASTER_MYPORT master-bin.000002
|
||
|
||
# Bug#7853 (mysqlbinlog does not accept input from stdin)
|
||
--disable_query_log
|
||
select "--- reading stdin --" as "";
|
||
--enable_query_log
|
||
--replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR
|
||
--exec $MYSQL_BINLOG --short-form - < $MYSQL_TEST_DIR/std_data/trunc_binlog.000001
|
||
|
||
--replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR
|
||
--exec $MYSQL_BINLOG --short-form --position=79 - < $MYSQL_TEST_DIR/std_data/trunc_binlog.000001
|
||
drop table t1,t2;
|
||
|
||
#
|
||
#BUG#14157: utf8 encoding in binlog without set character_set_client
|
||
#
|
||
flush logs;
|
||
--write_file $MYSQLTEST_VARDIR/tmp/bug14157.sql
|
||
create table if not exists t5 (a int);
|
||
set names latin1;
|
||
create temporary table `<60><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>` (a int);
|
||
insert into `<60><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>` values (1);
|
||
insert into t5 select * from `<60><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>`
|
||
EOF
|
||
--exec $MYSQL test < $MYSQLTEST_VARDIR/tmp/bug14157.sql
|
||
--remove_file $MYSQLTEST_VARDIR/tmp/bug14157.sql
|
||
|
||
# resulted binlog, parly consisting of multi-byte utf8 chars,
|
||
# must be digestable for both client and server. In 4.1 the client
|
||
# should use default-character-set same as the server.
|
||
--exec $MYSQL_BINLOG --short-form $MYSQLTEST_VARDIR/log/master-bin.000004 | $MYSQL
|
||
select * from t5 /* must be (1),(1) */;
|
||
drop table t5;
|
||
|
||
#
|
||
# Bug#22645 LC_TIME_NAMES: Statement not replicated
|
||
# Check that a dump created by mysqlbinlog reproduces
|
||
# lc_time_names dependent values correctly
|
||
#
|
||
flush logs;
|
||
create table t5 (c1 int, c2 varchar(128) character set latin1 not null);
|
||
insert into t5 values (1, date_format('2001-01-01','%W'));
|
||
set lc_time_names=de_DE;
|
||
insert into t5 values (2, date_format('2001-01-01','%W'));
|
||
set lc_time_names=en_US;
|
||
insert into t5 values (3, date_format('2001-01-01','%W'));
|
||
select * from t5 order by c1;
|
||
flush logs;
|
||
drop table t5;
|
||
--exec $MYSQL_BINLOG --short-form $MYSQLTEST_VARDIR/log/master-bin.000005 | $MYSQL
|
||
select * from t5 order by c1;
|
||
drop table t5;
|
||
|
||
#
|
||
# Bug#20396 Bin Log does not get DELIMETER cmd - Recover StoredProc fails
|
||
#
|
||
--disable_warnings
|
||
drop procedure if exists p1;
|
||
--enable_warnings
|
||
flush logs;
|
||
delimiter //;
|
||
create procedure p1()
|
||
begin
|
||
select 1;
|
||
end;
|
||
//
|
||
delimiter ;//
|
||
flush logs;
|
||
call p1();
|
||
drop procedure p1;
|
||
--error 1305
|
||
call p1();
|
||
--exec $MYSQL_BINLOG --short-form $MYSQLTEST_VARDIR/log/master-bin.000007
|
||
--exec $MYSQL_BINLOG --short-form $MYSQLTEST_VARDIR/log/master-bin.000007 | $MYSQL
|
||
call p1();
|
||
drop procedure p1;
|
||
|
||
#
|
||
# Some coverage of not normally used parts
|
||
#
|
||
--disable_query_log
|
||
--exec $MYSQL_BINLOG --version 2>&1 > /dev/null
|
||
--exec $MYSQL_BINLOG --help 2>&1 > /dev/null
|
||
--enable_query_log
|
||
|
||
#
|
||
# Bug#15126 character_set_database is not replicated
|
||
# (LOAD DATA INFILE need it)
|
||
#
|
||
|
||
flush logs;
|
||
create table t1 (a varchar(64) character set utf8);
|
||
load data infile '../std_data_ln/loaddata6.dat' into table t1;
|
||
set character_set_database=koi8r;
|
||
load data infile '../std_data_ln/loaddata6.dat' into table t1;
|
||
set character_set_database=latin1;
|
||
load data infile '../std_data_ln/loaddata6.dat' into table t1;
|
||
load data infile '../std_data_ln/loaddata6.dat' into table t1;
|
||
set character_set_database=koi8r;
|
||
load data infile '../std_data_ln/loaddata6.dat' into table t1;
|
||
set character_set_database=latin1;
|
||
load data infile '../std_data_ln/loaddata6.dat' into table t1;
|
||
load data infile '../std_data_ln/loaddata6.dat' into table t1 character set koi8r;
|
||
select hex(a) from t1;
|
||
drop table t1;
|
||
flush logs;
|
||
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
|
||
--exec $MYSQL_BINLOG --short-form --local-load=$MYSQLTEST_VARDIR/tmp/ $MYSQLTEST_VARDIR/log/master-bin.000009
|
||
|
||
#
|
||
# Bug#28293 missed '#' sign in the hex dump when the dump length
|
||
# is divisible by 16.
|
||
#
|
||
|
||
CREATE TABLE t1 (c1 CHAR(10));
|
||
# we need this for getting fixed timestamps inside of this test
|
||
flush logs;
|
||
INSERT INTO t1 VALUES ('0123456789');
|
||
flush logs;
|
||
DROP TABLE t1;
|
||
--exec $MYSQL_BINLOG --hexdump --local-load=$MYSQLTEST_VARDIR/tmp/ $MYSQLTEST_VARDIR/log/master-bin.000011 | grep 'Query' | sed 's/[0-9]\{1,\}/REMOVED/g'
|
||
|
||
#
|
||
# Bug #29928: incorrect connection_id() restoring from mysqlbinlog out
|
||
#
|
||
flush logs;
|
||
create table t1(a int);
|
||
insert into t1 values(connection_id());
|
||
let $a= `select a from t1`;
|
||
flush logs;
|
||
--exec $MYSQL_BINLOG $MYSQLTEST_VARDIR/log/master-bin.000013 > $MYSQLTEST_VARDIR/tmp/bug29928.sql
|
||
drop table t1;
|
||
connect (con1, localhost, root, , test);
|
||
connection con1;
|
||
--exec $MYSQL test < $MYSQLTEST_VARDIR/tmp/bug29928.sql
|
||
--remove_file $MYSQLTEST_VARDIR/tmp/bug29928.sql
|
||
let $b= `select a from t1`;
|
||
disconnect con1;
|
||
connection default;
|
||
let $c= `select $a=$b`;
|
||
--echo $c
|
||
drop table t1;
|
||
|
||
echo shell> mysqlbinlog std_data/corrupt-relay-bin.000624 > var/tmp/bug31793.sql;
|
||
error 1;
|
||
exec $MYSQL_BINLOG $MYSQL_TEST_DIR/std_data/corrupt-relay-bin.000624 > $MYSQLTEST_VARDIR/tmp/bug31793.sql;
|
||
|
||
--echo End of 5.0 tests
|