• Davi Arnaut's avatar
    Bug#42634: % character in query can cause mysqld signal 11 segfault · 33a36ce9
    Davi Arnaut authored
    The problem is that a unfiltered user query was being passed as
    the format string parameter of sql_print_warning which later
    performs printf-like formatting, leading to crashes if the user
    query contains formatting instructions (ie: %s). Also, it was
    using THD::query as the source of the user query, but this
    variable is not meaningful in some situations -- in a delayed
    insert, it points to the table name.
    
    The solution is to pass the user query as a parameter for the
    format string and use the function parameter query_arg as the
    source of the user query.
    33a36ce9
binlog_unsafe.test 7.62 KB