enterprise-support team mailing list archive
-
enterprise-support team
-
Mailing list archive
-
Message #04491
[Bug 1484599] [NEW] recv_parse_log_rec violates its contract re. incomplete recs for MLOG_CHECKPOINT
Public bug reported:
Copy of
[13 Aug 16:21] Laurynas Biveinis
Description:
recv_parse_log_rec is documented as follows:
** Tries to parse a single log record.
...
@param[in] ptr pointer to a buffer
@param[in] end_ptr end of the buffer
...
@return length of the record, or 0 if the record was not complete */
The record is complete if its length <= end_ptr - ptr, in which case
length is returned, otherwise the record is incomplete and zero is
returned. This is true for all the record types except for
MLOG_CHECKPOINT, for which SIZE_OF_MLOG_CHECKPOINT is returned
regardless of end_ptr - ptr. Then the caller handles the incomplete
record case itself. This could be a problem for patches that reuse
recv_parse_log_rec for something else.
A uniform incomplete record handling regardless of the record type would
be cleaner.
This state of things could be a result of MLOG_CHECKPOINT being one-byte
record originally, and handled as other one byte records in this
function.
How to repeat:
Code analysis.
Suggested fix:
@@ -2338,7 +2349,8 @@ recv_parse_log_rec(
return(1);
case MLOG_CHECKPOINT:
*type = static_cast<mlog_id_t>(*ptr);
- return(SIZE_OF_MLOG_CHECKPOINT);
+ return ((end_ptr - ptr < SIZE_OF_MLOG_CHECKPOINT)
+ ? 0 : SIZE_OF_MLOG_CHECKPOINT);
case MLOG_MULTI_REC_END | MLOG_SINGLE_REC_FLAG:
case MLOG_DUMMY_RECORD | MLOG_SINGLE_REC_FLAG:
case MLOG_CHECKPOINT | MLOG_SINGLE_REC_FLAG:
@@ -2563,9 +2575,6 @@ loop:
/* Do nothing */
break;
case MLOG_CHECKPOINT:
- if (end_ptr < ptr + SIZE_OF_MLOG_CHECKPOINT) {
- return(false);
- }
#if SIZE_OF_MLOG_CHECKPOINT != 1 + 8
# error SIZE_OF_MLOG_CHECKPOINT != 1 + 8
#endif
** Affects: mysql-server
Importance: Unknown
Status: Unknown
** Affects: percona-server
Importance: Undecided
Status: Invalid
** Affects: percona-server/5.1
Importance: Undecided
Status: Invalid
** Affects: percona-server/5.5
Importance: Undecided
Status: Invalid
** Affects: percona-server/5.6
Importance: Undecided
Status: Invalid
** Affects: percona-server/5.7
Importance: Medium
Assignee: Laurynas Biveinis (laurynas-biveinis)
Status: Fix Committed
** Tags: upstream
** Also affects: percona-server/5.7
Importance: Undecided
Status: New
** Also affects: percona-server/5.5
Importance: Undecided
Status: New
** Also affects: percona-server/5.1
Importance: Undecided
Status: New
** Also affects: percona-server/5.6
Importance: Undecided
Status: New
** Changed in: percona-server/5.1
Status: New => Invalid
** Changed in: percona-server/5.5
Status: New => Invalid
** Changed in: percona-server/5.6
Status: New => Invalid
** Changed in: percona-server/5.7
Assignee: (unassigned) => Laurynas Biveinis (laurynas-biveinis)
** Changed in: percona-server/5.7
Importance: Undecided => Medium
** Changed in: percona-server/5.7
Status: New => Fix Committed
** Tags added: upstream
** Bug watch added: MySQL Bug System #78058
http://bugs.mysql.com/bug.php?id=78058
** Also affects: mysql-server via
http://bugs.mysql.com/bug.php?id=78058
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to MySQL.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1484599
Title:
recv_parse_log_rec violates its contract re. incomplete recs for
MLOG_CHECKPOINT
To manage notifications about this bug go to:
https://bugs.launchpad.net/mysql-server/+bug/1484599/+subscriptions
Follow ups
