
This queue is for tickets about the DBD-mysql CPAN distribution.

Report information
The Basics
Id: 97570
Status: resolved
Priority: 0/
Queue: DBD-mysql

People
Owner: Nobody in particular
Requestors: RURBAN [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: 4.028



Subject: [patch] wrong salloc free in mysql_st_internal_execute
When you execute a statement without binding params,
salloc in mysql_st_internal_execute will be NULL

parse_params:
  if (!num_params) return NULL

but then at line 3317
  Safefree(salloc);

is used unconditionally, trying to free NULL, which leads to a malloc
assertion if you are lucky.

patch see pull request
--
Reini Urban
On Mon Jul 28 16:24:04 2014, RURBAN wrote:
> When you execute a statement without binding params,
> salloc in mysql_st_internal_execute will be NULL
>
> parse_params:
>   if (!num_params) return NULL
>
> but then at line 3317
>   Safefree(salloc);
>
> is used unconditionally, trying to free NULL, which leads to a malloc
> assertion if you are lucky.
>
> patch see pull request
https://github.com/perl5-dbi/DBD-mysql/pull/25 --- dbdimp.c +++ dbdimp.c @@ -3314,7 +3314,8 @@ my_ulonglong mysql_st_internal_execute( } #endif - Safefree(salloc); + if (salloc) + Safefree(salloc); if(rows == -2) { do_error(h, mysql_errno(svsock), mysql_error(svsock), -- Reini Urban
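Review bot: the new `if (salloc)` guard in front of `Safefree(salloc);` has no comment, so a later reader who knows that free(NULL) is legal may take it for redundant and remove it. A one-line comment stating that salloc is NULL when the statement is executed without bound params, and that Safefree does not always call free directly, would keep the guard in place. Braces around the single-statement body would also make the two-line form safer against a later edit that adds a second statement under the `if`.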
On Mon Jul 28 16:24:04 2014, RURBAN wrote:
> When you execute a statement without binding params,
> salloc in mysql_st_internal_execute will be NULL
>
> parse_params:
>   if (!num_params) return NULL
>
> but then at line 3317
>   Safefree(salloc);
>
> is used unconditionally, trying to free NULL, which leads to a malloc
> assertion if you are lucky.
You will probably mention that free(NULL) is legal in most libc's, but Safefree is not always using free directly and it crashes on our centos5 32-bit systems.
Thanks a lot for the fix. This was part of release 4.028.