Commit 8030bdfc authored by unknown's avatar unknown

BUG#34788 - malformed federated connection url is not handled

            correctly - crashes server !

Creating federated table with connect string containing empty
(zero-length) host name and port is evaluated as 0 (port is
incorrect, omitted or 0) crashes server.

This happens because federated calls strcmp() with NULL pointer.

Fixed by avoiding strcmp() call if hostname is set to NULL.


mysql-test/r/federated.result:
  A test case for BUG#34788.
mysql-test/t/federated.test:
  A test case for BUG#34788.
sql/ha_federated.cc:
  Fixed that parse_url() may call strcmp() with NULL pointer.
parent 7343db29
...@@ -2069,6 +2069,8 @@ a b ...@@ -2069,6 +2069,8 @@ a b
1 1 1 1
DROP TABLE t1; DROP TABLE t1;
DROP TABLE t1; DROP TABLE t1;
CREATE TABLE t1 (a INT) ENGINE=federated CONNECTION='mysql://@:://';
DROP TABLE t1;
DROP TABLE IF EXISTS federated.t1; DROP TABLE IF EXISTS federated.t1;
DROP DATABASE IF EXISTS federated; DROP DATABASE IF EXISTS federated;
DROP TABLE IF EXISTS federated.t1; DROP TABLE IF EXISTS federated.t1;
......
...@@ -1738,4 +1738,11 @@ DROP TABLE t1; ...@@ -1738,4 +1738,11 @@ DROP TABLE t1;
connection slave; connection slave;
DROP TABLE t1; DROP TABLE t1;
#
# BUG#34788 - malformed federated connection url is not handled correctly -
# crashes server !
#
CREATE TABLE t1 (a INT) ENGINE=federated CONNECTION='mysql://@:://';
DROP TABLE t1;
source include/federated_cleanup.inc; source include/federated_cleanup.inc;
...@@ -643,12 +643,19 @@ static int parse_url(FEDERATED_SHARE *share, TABLE *table, ...@@ -643,12 +643,19 @@ static int parse_url(FEDERATED_SHARE *share, TABLE *table,
if ((strchr(share->table_name, '/'))) if ((strchr(share->table_name, '/')))
goto error; goto error;
/*
If hostname is omitted, we set it to NULL. According to
mysql_real_connect() manual:
The value of host may be either a hostname or an IP address.
If host is NULL or the string "localhost", a connection to the
local host is assumed.
*/
if (share->hostname[0] == '\0') if (share->hostname[0] == '\0')
share->hostname= NULL; share->hostname= NULL;
if (!share->port) if (!share->port)
{ {
if (strcmp(share->hostname, my_localhost) == 0) if (!share->hostname || strcmp(share->hostname, my_localhost) == 0)
share->socket= my_strdup(MYSQL_UNIX_ADDR, MYF(0)); share->socket= my_strdup(MYSQL_UNIX_ADDR, MYF(0));
else else
share->port= MYSQL_PORT; share->port= MYSQL_PORT;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment