twitter-forks / mysql

MySQL fork maintained and used at Twitter
https://github.com/twitter/mysql/wiki
GNU General Public License v2.0

A potential bug of free of stack address #13

Open ash1852 opened 2 years ago

ash1852 commented 2 years ago

Hello, I found a potential bug of free of stack address in the source code of mysql. An overview of the occurrence is shown as follows.

step1: in mysql/sql-common/client.c line 3585, a local variable tmp_mysql is defined.

step2: in mysql/sql-common/client.c line 3615, in a path derived from step1, there is a call of mysql_close, and the stack address of tmp_mysql is used as the 1st parameter.

step3: in mysql/sql-common/client.c line 3823, the parameter of function mysql_close is used as the 1st parameter of function my_free.

step4: in mysql/mysys/my_malloc.c line 134, free of stack address happens here.

ash1852 commented 2 years ago

Would you help check if this bug is true? Thank you very much.
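An added example, not part of the original issue and not code from client.c: a minimal C model of the check a reviewer makes when triaging a report of this shape, where a close routine that can end in a free is called on a stack local. The type `struct conn`, its functions and the `heap_owned` flag are hypothetical names; whether the code at the cited lines has such a guard has to be confirmed in the source itself.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical handle; names are illustrative, not taken from client.c. */
struct conn {
    char *host_info;  /* heap-owned member, released on every close */
    int   heap_owned; /* 1 only when conn_init() allocated the struct */
};

/* Accepts caller storage (e.g. a stack local) or allocates when given NULL. */
struct conn *conn_init(struct conn *c)
{
    if (c == NULL) {
        c = calloc(1, sizeof(*c));
        if (c != NULL)
            c->heap_owned = 1;   /* close must free the struct itself */
        return c;
    }
    memset(c, 0, sizeof(*c));    /* caller storage: heap_owned stays 0 */
    return c;
}

/* Returns 1 if the struct itself was passed to free(), 0 otherwise. */
int conn_close(struct conn *c)
{
    if (c == NULL)
        return 0;
    free(c->host_info);
    c->host_info = NULL;
    if (!c->heap_owned)          /* the guard to look for in review */
        return 0;
    free(c);
    return 1;
}

/* Shape of the reported path: a stack local, then close called on it. */
int close_stack_handle(void)
{
    struct conn tmp;
    conn_init(&tmp);
    return conn_close(&tmp);
}

/* Contrast: init allocates, so close frees the struct. */
int close_heap_handle(void)
{
    struct conn *c = conn_init(NULL);
    return c ? conn_close(c) : -1;
}
```

A report like this is a true positive only if the final free is reachable with a pointer that did not come from the allocator, so the thing to verify is whether the free is conditional on a flag that the init path leaves unset for caller-provided storage.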