• Jan Lindström's avatar
    MDEV-8474: InnoDB sets per-connection data unsafely · 7a967021
    Jan Lindström authored
    Analysis: At check_trx_exists function InnoDB allocates
    a new trx if no trx is found from thd but this newly
    allocated trx is not registered to thd. This is unsafe,
    because nothing prevents InnoDB plugin from being uninstalled
    while there's active transaction. This can cause crashes, hang
    and any other odd behavior. It may also corrupt stack, as
    functions pointers are not available after dlclose.
    
    Fix: The fix is to use thd_set_ha_data() when
    manipulating per-connection handler data. It does appropriate
    plugin locking.
    7a967021
ha_innodb.cc 413 KB