
Commit 2effebc

committed
MDEV-30732 : wsrep_store_key_val_for_row() may invoke memcpy() on nullptr
The problem was that row_mysql_read_blob_ref can return NULL when a blob datatype is used in a key and its real value is NULL. This NULL pointer is then passed to memcpy in wsrep_store_key_val_for_row. However, memcpy is defined so that argument 2 must not be NULL. Fixed by adding conditions before the memcpy calls so that argument 2 is always non-NULL.
Additional fixes after review:
- Removed unnecessary copying of key data from one buffer to another. Use the original key data buffer as input and a temporary buffer as output. The extra output buffer is needed because strnxfrm might expand the input buffer contents.
- Removed unnecessary initialization of variables and moved declarations to where they are first needed.
- Removed unnecessary initialization of the temporary buffer because we already keep track of the actual filled length.
- Removed unnecessary extra call to charset->strnxfrm
1 parent 814787f commit 2effebc


5 files changed

+650
-126
lines changed

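--- a/PATH_NOT_SHOWN_ON_PAGE
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,329 @@
+connection node_2;
+connection node_1;
+SET GLOBAL sql_mode=0;
+SET sql_mode=DEFAULT;
+CREATE TABLE t (c INT,c2 BLOB,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(1),(1),(1),(1);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="" WHERE c=1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+DROP TABLE t;
+CREATE TABLE t (c INT,c2 BLOB NOT NULL,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(1),(1),(1),(1);
+Warnings:
+Warning 1364 Field 'c2' doesn't have a default value
+UPDATE t SET c2=NULL WHERE c = 1;
+Warnings:
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+UPDATE t SET c2="" WHERE c=1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+DROP TABLE t;
+CREATE TABLE t (c INT NOT NULL PRIMARY KEY,c2 BLOB,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(2),(3),(4),(5);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="" WHERE c=1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+2 NULL
+3 NULL
+4 NULL
+5 NULL
+DROP TABLE t;
+CREATE TABLE t (c INT NOT NULL PRIMARY KEY,c2 BLOB NOT NULL,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(2),(3),(4),(5);
+Warnings:
+Warning 1364 Field 'c2' doesn't have a default value
+UPDATE t SET c2=NULL WHERE c = 1;
+Warnings:
+Warning 1048 Column 'c2' cannot be null
+UPDATE t SET c2="" WHERE c=1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+2
+3
+4
+5
+DROP TABLE t;
+CREATE TABLE t (c INT,c2 VARCHAR(270),KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(1),(1),(1),(1);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="" WHERE c=1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+DROP TABLE t;
+CREATE TABLE t (c INT,c2 VARCHAR(270) NOT NULL,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(1),(1),(1),(1);
+Warnings:
+Warning 1364 Field 'c2' doesn't have a default value
+UPDATE t SET c2=NULL WHERE c = 1;
+Warnings:
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+UPDATE t SET c2="" WHERE c=1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+DROP TABLE t;
+CREATE TABLE t (c INT NOT NULL PRIMARY KEY,c2 VARCHAR(270),KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(2),(3),(4),(5);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="" WHERE c=1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+2 NULL
+3 NULL
+4 NULL
+5 NULL
+DROP TABLE t;
+CREATE TABLE t (c INT NOT NULL PRIMARY KEY,c2 VARCHAR(270) NOT NULL,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(2),(3),(4),(5);
+Warnings:
+Warning 1364 Field 'c2' doesn't have a default value
+UPDATE t SET c2=NULL WHERE c = 1;
+Warnings:
+Warning 1048 Column 'c2' cannot be null
+UPDATE t SET c2="" WHERE c=1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+2
+3
+4
+5
+DROP TABLE t;
+CREATE TABLE t (c INT,c2 CHAR(80),KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(1),(1),(1),(1);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="" WHERE c=1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+DROP TABLE t;
+CREATE TABLE t (c INT,c2 CHAR(80) NOT NULL,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(1),(1),(1),(1);
+Warnings:
+Warning 1364 Field 'c2' doesn't have a default value
+UPDATE t SET c2=NULL WHERE c = 1;
+Warnings:
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+UPDATE t SET c2="" WHERE c=1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+DROP TABLE t;
+CREATE TABLE t (c INT NOT NULL PRIMARY KEY,c2 CHAR(80),KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(2),(3),(4),(5);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="" WHERE c=1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+2 NULL
+3 NULL
+4 NULL
+5 NULL
+DROP TABLE t;
+CREATE TABLE t (c INT NOT NULL PRIMARY KEY,c2 CHAR(80) NOT NULL,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(2),(3),(4),(5);
+Warnings:
+Warning 1364 Field 'c2' doesn't have a default value
+UPDATE t SET c2=NULL WHERE c = 1;
+Warnings:
+Warning 1048 Column 'c2' cannot be null
+UPDATE t SET c2="" WHERE c=1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+2
+3
+4
+5
+DROP TABLE t;
+CREATE TABLE t (c INT,c2 TEXT,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(1),(1),(1),(1);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+DROP TABLE t;
+CREATE TABLE t (c INT,c2 TEXT NOT NULL,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(1),(1),(1),(1);
+Warnings:
+Warning 1364 Field 'c2' doesn't have a default value
+UPDATE t SET c2=NULL WHERE c = 1;
+Warnings:
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+Warning 1048 Column 'c2' cannot be null
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+DROP TABLE t;
+CREATE TABLE t (c INT NOT NULL PRIMARY KEY,c2 TEXT,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(2),(3),(4),(5);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+2 NULL
+3 NULL
+4 NULL
+5 NULL
+DROP TABLE t;
+CREATE TABLE t (c INT NOT NULL PRIMARY KEY,c2 TEXT NOT NULL,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(2),(3),(4),(5);
+Warnings:
+Warning 1364 Field 'c2' doesn't have a default value
+UPDATE t SET c2=NULL WHERE c = 1;
+Warnings:
+Warning 1048 Column 'c2' cannot be null
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+2
+3
+4
+5
+DROP TABLE t;
+SET GLOBAL sql_mode=DEFAULT;
+CREATE TABLE t (c INT,c2 BLOB,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(1),(1),(1),(1);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+DROP TABLE t;
+CREATE TABLE t (c INT,c2 VARCHAR(270),KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(1),(1),(1),(1);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+DROP TABLE t;
+CREATE TABLE t (c INT,c2 CHAR(80),KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(1),(1),(1),(1);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+DROP TABLE t;
+CREATE TABLE t (c INT,c2 TEXT,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(1),(1),(1),(1);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+DROP TABLE t;
+CREATE TABLE t (c INT NOT NULL PRIMARY KEY,c2 BLOB,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(2),(3),(4),(5);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+2 NULL
+3 NULL
+4 NULL
+5 NULL
+DROP TABLE t;
+CREATE TABLE t (c INT NOT NULL PRIMARY KEY,c2 VARCHAR(270),KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(2),(3),(4),(5);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+2 NULL
+3 NULL
+4 NULL
+5 NULL
+DROP TABLE t;
+CREATE TABLE t (c INT NOT NULL PRIMARY KEY,c2 CHAR(80),KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(2),(3),(4),(5);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+2 NULL
+3 NULL
+4 NULL
+5 NULL
+DROP TABLE t;
+CREATE TABLE t (c INT NOT NULL PRIMARY KEY,c2 TEXT,KEY k2 (c2 (6),c)) DEFAULT CHARSET=latin1 ROW_FORMAT=COMPACT;
+INSERT INTO t (c) VALUES (1),(2),(3),(4),(5);
+UPDATE t SET c2=NULL WHERE c = 1;
+UPDATE t SET c2="TESTtest" WHERE c = 1;
+UPDATE t SET c2="BUGbug" WHERE c2 = "TESTtest";
+DELETE FROM t WHERE c2="BUGbug";
+SELECT * FROM t;
+c c2
+2 NULL
+3 NULL
+4 NULL
+5 NULL
+DROP TABLE t;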
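Review bot: Every `CREATE TABLE` in this recorded output uses `DEFAULT CHARSET=latin1`, so the separate output buffer that the commit message justifies with "strnxfrm might expand input buffer contents" is presumably never exercised with a collation whose sort key is longer than its input. The reworked length handling around the guarded memcpy calls is the part most likely to hide an out-of-bounds write, so the test would be stronger with at least one prefix-key case on a multi-byte charset, for example `CREATE TABLE t (c INT,c2 TEXT,KEY k2 (c2 (6),c)) DEFAULT CHARSET=utf8mb4 ROW_FORMAT=COMPACT;`, run through the same NULL / "" / value updates. The output also opens with `connection node_2;` but never returns to it, so only node_1's state is checked; a `connection node_2;` followed by `SELECT * FROM t;` before each `DROP TABLE t;` would confirm the write set built from the NULL key value applies on the peer. This file is recorded output and the test script itself is not shown here, so both additions belong in the corresponding test file, with the result re-recorded.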
