MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events

Problem: ======== SHOW BINLOG EVENTS FROM <pos> reports following ASAN error AddressSanitizer: heap-buffer-overflow on address String::append(char const*, unsigned int) Query_log_event::pack_info(Protocol*) Fix: === **Part5: Added check to catch buffer overflow**

MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events
Problem: ======== SHOW BINLOG EVENTS FROM <pos> reports following ASAN error AddressSanitizer: heap-buffer-overflow on address String::append(char const*, unsigned int) Query_log_event::pack_info(Protocol*) Fix: === **Part5: Added check to catch buffer overflow**
15781283 · Sujatha · a42ef108 · 15781283
Commit 15781283 authored Dec 18, 2019 by Sujatha
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

sql/log_event.cc sql/log_event.cc +3 -1

No files found.
--- a/sql/log_event.cc
+++ b/sql/log_event.cc
@@ -3815,7 +3815,9 @@ Query_log_event::Query_log_event(const char* buf, uint event_len,

  uint32 max_length= uint32(event_len - ((const char*)(end + db_len + 1) -
                                         (buf - common_header_len)));
-  if (q_len != max_length)
+  if (q_len != max_length ||
+      (event_len < uint((const char*)(end + db_len + 1) -
+                        (buf - common_header_len))))
  {
    q_len= 0;
    query= NULL;