mariadb/sql/thr_malloc.cc
Marc Alff 394691cd90 Bug#38296 (low memory crash with many conditions in a query)
This fix is for 5.0 only : back porting the 6.0 patch manually

The parser code in sql/sql_yacc.yy needs to be more robust to out of
memory conditions, so that when parsing a query fails due to OOM,
the thread gracefully returns an error.

Before this fix, a new/alloc returning NULL could:
- cause a crash, if dereferencing the NULL pointer,
- produce a corrupted parsed tree, containing NULL nodes,
- alter the semantic of a query, by silently dropping token values or nodes

With this fix:
- C++ constructors are *not* executed with a NULL "this" pointer
when operator new fails.
This is achieved by declaring "operator new" with a "throw ()" clause,
so that a failed new gracefully returns NULL on OOM conditions.

- calls to new/alloc are tested for a NULL result,

- The thread diagnostic area is set to an error status when OOM occurs.
This ensures that a request failing in the server properly returns an
ER_OUT_OF_RESOURCES error to the client.

- OOM conditions cause the parser to stop immediately (MYSQL_YYABORT).
This prevents causing further crashes when using a partially built parsed
tree in further rules in the parser.

No test scripts are provided, since automating OOM failures is not
instrumented in the server.
Tested under the debugger, to verify that an error in alloc_root causes the
thread to return gracefully all the way to the client application, with
an ER_OUT_OF_RESOURCES error.
2008-08-11 10:10:00 -06:00


/* Copyright (C) 2000-2001, 2003-2004 MySQL AB
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */
/* Malloc wrappers for use in threads */
#include "mysql_priv.h"
extern "C" {

/*
  OOM callback installed on every MEM_ROOT set up through init_sql_alloc().

  When a thread context exists the thread is flagged as having hit a fatal
  error (THD::fatal_error()), and ER_OUT_OF_RESOURCES is written to the
  server error log. The message text is handed to sql_print_error() as its
  first argument; assuming that function is printf-like, this is only safe
  because ER() yields a fixed server message — confirm it carries no '%'.
*/
void sql_alloc_error_handler(void)
{
  if (THD *thd= current_thd)                  // QQ; To be removed
    thd->fatal_error();                       /* purecov: inspected */
  sql_print_error(ER(ER_OUT_OF_RESOURCES));
}

}
/*
  Set up mem_root as a thread allocation arena and install
  sql_alloc_error_handler() as its out-of-memory callback.

  @param mem_root    root to initialize
  @param block_size  forwarded unchanged to init_alloc_root()
  @param pre_alloc   forwarded unchanged to init_alloc_root()

  The handler is assigned after init_alloc_root() returns; keep this order,
  since initialization presumably resets the struct's fields — confirm.
*/
void init_sql_alloc(MEM_ROOT *mem_root, uint block_size, uint pre_alloc)
{
  init_alloc_root(mem_root, block_size, pre_alloc);
  mem_root->error_handler=sql_alloc_error_handler;
}
/*
  Allocate Size bytes from the calling thread's current MEM_ROOT.

  The root is found through the THR_MALLOC thread-specific slot, which
  holds a pointer to the MEM_ROOT* in use. The result is whatever
  alloc_root() returns; per the commit description that is NULL on OOM,
  after the root's error_handler has reported the condition.
*/
void *sql_alloc(size_t Size)
{
  MEM_ROOT **root_slot= my_pthread_getspecific_ptr(MEM_ROOT**, THR_MALLOC);
  return alloc_root(*root_slot, Size);
}
/*
  Allocate size bytes from the thread's MEM_ROOT and zero-fill them.
  Returns NULL when sql_alloc() fails; nothing is written in that case.
*/
void *sql_calloc(size_t size)
{
  void *block= sql_alloc(size);
  if (block == NULL)
    return NULL;
  bzero(block, size);
  return block;
}
/*
  Copy the NUL-terminated string str into memory from the thread's MEM_ROOT.

  @param str  source string; must not be NULL (strlen() is called on it
              unconditionally)
  @return the copy including its terminator, or NULL if sql_alloc() fails
*/
char *sql_strdup(const char *str)
{
  size_t bytes= strlen(str) + 1;                // terminator included
  char *copy= (char*) sql_alloc(bytes);
  if (copy != NULL)
    memcpy(copy, str, bytes);
  return copy;
}
/*
  Copy exactly len bytes of str into MEM_ROOT memory and NUL-terminate
  the result (len + 1 bytes are allocated).

  @param str  source bytes; need not be NUL-terminated
  @param len  number of bytes to copy
  @return the terminated copy, or NULL if sql_alloc() fails
*/
char *sql_strmake(const char *str, size_t len)
{
  char *copy= (char*) sql_alloc(len + 1);
  if (copy == NULL)
    return NULL;
  memcpy(copy, str, len);
  copy[len]= '\0';
  return copy;
}
/*
  Duplicate len raw bytes from ptr into MEM_ROOT memory.
  No terminator is added. Returns NULL if sql_alloc() fails.
*/
void* sql_memdup(const void *ptr, size_t len)
{
  void *copy= sql_alloc(len);
  if (copy == NULL)
    return NULL;
  memcpy(copy, ptr, len);
  return copy;
}
/*
  Intentional no-op: individual elements handed out by sql_alloc() are never
  released one by one; MEM_ROOT memory is presumably reclaimed when the whole
  root is freed — confirm against the mysys allocator.
*/
void sql_element_free(void *ptr __attribute__((unused)))
{} /* purecov: deadcode */
/*
  Copy str (arg_length bytes in from_cs) into MEM_ROOT memory, converting it
  to to_cs and bounding the output to max_res_length - 1 bytes plus a
  terminating NUL.

  @param str             source bytes; need not be NUL-terminated
  @param arg_length      number of bytes in str
  @param from_cs         character set of str
  @param max_res_length  size of the result including the terminator; must
                         be at least 1 — the decrement below is on a size_t
                         and wraps around for 0, which defeats the bound
  @param to_cs           target character set
  @param result_length   receives the number of bytes written (excluding the
                         NUL); left untouched when NULL is returned
  @return the converted, NUL-terminated copy, or NULL if sql_alloc() fails
*/
char *sql_strmake_with_convert(const char *str, size_t arg_length,
                               CHARSET_INFO *from_cs,
                               size_t max_res_length,
                               CHARSET_INFO *to_cs, size_t *result_length)
{
  char *pos;
  // Worst case: every input byte may expand to mbmaxlen output bytes.
  // NOTE(review): the product is unchecked; a very large arg_length could
  // wrap in size_t — confirm callers bound it.
  size_t new_length= to_cs->mbmaxlen*arg_length;
  max_res_length--;                             // Reserve place for end null
  set_if_smaller(new_length, max_res_length);
  if (!(pos= (char*) sql_alloc(new_length+1)))
    return pos;                                 // Error; *result_length not set
  if ((from_cs == &my_charset_bin) || (to_cs == &my_charset_bin))
  {
    // Binary on either side: plain byte copy, truncated to the bound.
    // Safety if to_cs->mbmaxlen > 0
    new_length= min(arg_length, max_res_length);
    memcpy(pos, str, new_length);
  }
  else
  {
    uint dummy_errors;                          // conversion errors are not reported to the caller
    // copy_and_convert()'s return value is used as the byte count written —
    // presumably the converted length, bounded by new_length; confirm.
    new_length= copy_and_convert((char*) pos, new_length, to_cs, str,
                                 arg_length, from_cs, &dummy_errors);
  }
  pos[new_length]= 0;
  *result_length= new_length;
  return pos;
}