From cbeb4e7630e7f8d961b3dbb6450c8cc7c160abfe Mon Sep 17 00:00:00 2001
From: Nirbhay Choubey
Date: Thu, 13 Jan 2011 15:56:42 +0530
Subject: [PATCH] Bug#59109 : mysqlslap crashes on mysql_fetch_row after ignoring null from mysql_store_result.

mysqlslap segfaults at a point when it tries to fetch rows from the result set. Under some circumstances, mysql_store_result can return 'NULL', even after query execution (mysql_query) succeeds, and eventually a segfault might occur if same unchecked return value is passed to mysql_fetch_row. Fixed by adding a check on mysql_store_result's return value.
---
 client/mysqlslap.c | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/client/mysqlslap.c b/client/mysqlslap.c
index b1eafe0082c..3b5c14dd74b 100644
--- a/client/mysqlslap.c
+++ b/client/mysqlslap.c
@@ -1519,7 +1519,12 @@ generate_primary_key_list(MYSQL *mysql, option_string *engine_stmt)
 exit(1);
 }
- result= mysql_store_result(mysql);
+ if (!(result= mysql_store_result(mysql)))
+ {
+ fprintf(stderr, "%s: Error when storing result: %d %s\n", my_progname, mysql_errno(mysql), mysql_error(mysql));
+ exit(1);
+ }
 primary_keys_number_of= mysql_num_rows(result);
 /* So why check this? Blackhole :) */
@@ -1891,10 +1896,15 @@ limit_not_met:
 {
 if (mysql_field_count(mysql))
 {
- result= mysql_store_result(mysql);
- while ((row = mysql_fetch_row(result)))
- counter++;
- mysql_free_result(result);
+ if (!(result= mysql_store_result(mysql)))
+ fprintf(stderr, "%s: Error when storing result: %d %s\n", my_progname, mysql_errno(mysql), mysql_error(mysql));
+ else
+ {
+ while ((row= mysql_fetch_row(result)))
+ counter++;
+ mysql_free_result(result);
+ }
 }
 } while(mysql_next_result(mysql) == 0);
 queries++;
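Review bot: The new fatal path in generate_primary_key_list treats every NULL from mysql_store_result() as a client error, but the library also returns NULL with mysql_errno() == 0 when the statement produced no result set, in which case the message would read `Error when storing result: 0 ` with an empty error text. The query issued just before this hunk is outside the visible lines; if it is always a SELECT the NULL can only be a genuine failure (lost connection, out of memory) and a one-line comment saying so would stop the next reader from wondering, e.g. `/* The SELECT above always yields a result set, so NULL here is a real client error. */`. If it is not always a SELECT, the second hunk of this same commit shows the pattern to mirror: test `mysql_field_count(mysql)` before deciding whether a NULL is an error. The function begins before and continues after the hunk.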
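Review bot: The new error branch in the result-counting loop is non-fatal — it prints to stderr and then lets `while(mysql_next_result(mysql) == 0)` carry on — whereas the first hunk of this commit exits on the same condition, and nothing in the code says why the two differ. A comment on the new `if` would settle that, e.g. `/* Non-fatal: the statement executed; a failed store only means this result set is not counted. */`. The two-line unbraced `fprintf` under that `if` next to a braced `else` is also fragile; bracing both arms, `if (...) { fprintf(...); } else { ... }`, matches the rest of the hunk. Whether a failed mysql_store_result() leaves the connection in a state where mysql_next_result() can still advance is not established by these lines; if it cannot, the remaining result sets of a multi-statement query are silently dropped. The enclosing function, which contains the limit_not_met label, starts and ends outside the hunk.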