filesort.cc:

Bug#33675: Usage of an uninitialized memory by filesort in a subquery caused server crash. Free smaller buffer before allocating bigger one.

filesort.cc:
Bug#33675: Usage of an uninitialized memory by filesort in a subquery caused server crash. Free smaller buffer before allocating bigger one.
830b8f0e · evgen@moonbone.local · 165dfa3e · 830b8f0e
Commit 830b8f0e authored Jan 10, 2008 by evgen@moonbone.local
Show whitespace changes
Inline Side-by-side

Showing with 6 additions and 2 deletions

sql/filesort.cc sql/filesort.cc +6 -2

No files found.
--- a/sql/filesort.cc
+++ b/sql/filesort.cc
@@ -239,10 +239,14 @@ ha_rows filesort(THD *thd, TABLE *table, SORT_FIELD *sortorder, uint s_length,
  }
  else
  {
+    if (table_sort.buffpek && table_sort.buffpek_len < maxbuffer)
+    {
+      x_free(table_sort.buffpek);
+      table_sort.buffpek= 0;
+    }
    if (!(table_sort.buffpek=
          read_buffpek_from_file(&buffpek_pointers, maxbuffer,
-                                 (table_sort.buffpek_len < maxbuffer ?
-                                  NULL : table_sort.buffpek))))
+                                 table_sort.buffpek)))
      goto err;
    buffpek= (BUFFPEK *) table_sort.buffpek;
    table_sort.buffpek_len= maxbuffer;