maria-developers team mailing list archive

Thread
Date

Re: 5469d88e7b4: MDEV-19049 Server crashes in check_duplicate_long_entry_key, ASAN stack-buffer-overflow in Field_blob::get_key_image

To: Sachin <sachin.setiya@xxxxxxxxxxx>
From: Sergei Golubchik <serg@xxxxxxxxxxx>
Date: Tue, 2 Apr 2019 12:26:57 +0200
Cc: maria-developers@xxxxxxxxxxxxxxxxxxx
In-reply-to: <uSypczZ97YG.A.SOG.ugzocB@pweza>
User-agent: Mutt/1.10.1 (2018-07-13)

Hi, Sachin!

On Apr 02, Sachin Setiya wrote:
> revision-id: 5469d88e7b4 (mariadb-10.4.3-104-g5469d88e7b4)
> parent(s): 0bc42602266
> author: Sachin <sachin.setiya@xxxxxxxxxxx>
> committer: Sachin <sachin.setiya@xxxxxxxxxxx>
> timestamp: 2019-03-28 11:29:25 +0530
> message:
> 
> MDEV-19049 Server crashes in check_duplicate_long_entry_key, ASAN stack-buffer-overflow in Field_blob::get_key_image
> 
> Long Unique keys should always be last unique key.

Why?

> diff --git a/sql/sql_table.cc b/sql/sql_table.cc
> index ad62ecc1103..c755a74e174 100644
> --- a/sql/sql_table.cc
> +++ b/sql/sql_table.cc
> @@ -2796,6 +2797,14 @@ static int sort_keys(KEY *a, KEY *b)
>    {
>      if (!(b_flags & HA_NOSAME))
>        return -1;
> +    /*
> +      Long Unique keys should always be last unique key.
> +      Before this patch they used to change order wrt to partial keys (MDEV-19049)

don't write the code history "before this patch it worked like that"
in the code itself. When you look at the code there is no "patch", just
a comment. The concepts of "patch" and "before it used to be" belongs to
the history, and logically should be in the commit comment, not in a
code comment.

> +    */
> +    if (a->algorithm == HA_KEY_ALG_LONG_HASH)
> +      return 1;
> +    if (b->algorithm == HA_KEY_ALG_LONG_HASH)
> +      return -1;
>      if ((a_flags ^ b_flags) & HA_NULL_PART_KEY)
>      {
>        /* Sort NOT NULL keys before other keys */
> 
Regards,
Sergei
Chief Architect MariaDB
and security@xxxxxxxxxxx