Commit bf681d6b authored by Shishir Jaiswal's avatar Shishir Jaiswal

Bug #20802751 - SEGMENTATION FAILURE WHEN RUNNING

                MYSQLADMIN -U ROOT -P

DESCRIPTION
===========
Crash occurs when no command is given while executing
mysqladmin utility.

ANALYSIS
========
In mask_password() the final write to array 'temp_argv'
is done without checking if corresponding index 'argc'
is valid (non-negative) or not. In case its negative
(would happen when this function is called with 'argc'=0),
it may cause a SEGFAULT. Logically in such a case,
mask_password() should not have been called as it would do
no valid thing.

FIX
===
mask_password() is now called after checking 'argc'. This
function is now called only when 'argc' is positive
otherwise the process terminates
parent 359f102a
/* /*
Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -319,8 +319,6 @@ int main(int argc,char *argv[]) ...@@ -319,8 +319,6 @@ int main(int argc,char *argv[])
free_defaults(save_argv); free_defaults(save_argv);
exit(ho_error); exit(ho_error);
} }
temp_argv= mask_password(argc, &argv);
temp_argc= argc;
if (debug_info_flag) if (debug_info_flag)
my_end_arg= MY_CHECK_ERROR | MY_GIVE_INFO; my_end_arg= MY_CHECK_ERROR | MY_GIVE_INFO;
...@@ -332,6 +330,10 @@ int main(int argc,char *argv[]) ...@@ -332,6 +330,10 @@ int main(int argc,char *argv[])
usage(); usage();
exit(1); exit(1);
} }
temp_argv= mask_password(argc, &argv);
temp_argc= argc;
commands = temp_argv; commands = temp_argv;
if (tty_password) if (tty_password)
opt_password = get_tty_password(NullS); opt_password = get_tty_password(NullS);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment