maria-developers team mailing list archive

Thread
Date

Is it a bug?

To: Sergei Golubchik <serg@xxxxxxxxxxxx>
From: Alexey Botchkov <holyfoot@xxxxxxxxxxxx>
Date: Wed, 24 Jul 2013 22:10:19 +0400
Cc: maria-developers@xxxxxxxxxxxxxxxxxxx
Reply-to: holyfoot@xxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20130620 Thunderbird/17.0.7

Hi, SerG.

The code in sql/sql_plugin.cc function read_maria_plugin_info()

  sym= dlsym(plugin_dl->handle, maria_plugin_declarations_sym);
  ...
  if (plugin_dl->mariaversion != MARIA_PLUGIN_INTERFACE_VERSION)
  {
        ...
        if ((sym= dlsym(plugin_dl->handle, maria_sizeof_st_plugin_sym)))
           sizeof_st_plugin= *(int *)sym;
        ...
        if (sizeof_st_plugin != sizeof(st_mysql_plugin))
        {
            ...
            sym= cur;
        }
   }
   plugin_dl->plugins= (struct st_maria_plugin *)sym;

So that when we enter the first 'if' but not the second(sizeof_st_plugin == sizeof(st_mysql_plugin)the sym still points at the maria_sizeof_st_plugin_sym which makes a badst_maria_plugin pointer.


I think it's a bug, isn't it?

Best regards.
HF

Follow ups

Re: Is it a bug?
From: Sergei Golubchik, 2013-08-09