Memory corruptions in EXECUTE STATEMENT may crash the server [CORE1919] #2353

Closed
firebird-issue-importer opened this issue Jun 1, 2008 · 6 comments

Comments

@firebird-issue-importer firebird-issue-importer commented Jun 1, 2008

Submitted by: @asfernandes

Due to two (one in V2.5) different memory corruptions, the server may crash with an EXECUTE STATEMENT.
One problem affects all platforms and the other is 64-bit only.

I can reproduce the crash with V2.5 in Linux AMD64, but not with V2.0 and V2.1 in the same environment.

Commits: 4e37a55 96fbc36 0d84abc

@firebird-issue-importer firebird-issue-importer commented Jun 1, 2008

Commented by: @asfernandes

In V2.0 and V2.1 branches, there is a missing parameter being passed to make_node. nod_exec_into needs 4 parameters. This code was commented in V2.5 in favor of nod_exec_stmt.

In all branches, there are 0 constants being passed to make_node. 0 is 32-bit and make_node expects pointers.

The crash only happens for me in the place where there are two consecutive 0s. Instead of storing a NULL in nod_args, it mixes with bits of the other parameter.
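The two defects described in the comment above (a bare `0` passed where pointers are read, and an argument count that does not match what is passed), as an added example that is not part of the original issue or Firebird's code. It assumes make_node is a C-style variadic function; `Node`, `make_node_va`, `as_node` and `make_node_typed` are hypothetical stand-ins, and `make_node_typed` goes beyond the reported fix by moving both checks to compile time.

```cpp
#include <cstdarg>
#include <cstddef>

// Hypothetical stand-in for a parser node; not Firebird's own definition.
struct Node {
    int type;
    int count;
    Node* args[4];
};

// "Before" shape: a C-style variadic builder that reads `count` pointers.
// A call such as make_node_va(t, 2, 0, 0) passes two 32-bit ints; on a
// 64-bit ABI va_arg(ap, Node*) then reads 8 bytes per slot, so the upper
// half of each stored pointer is whatever happened to be there. Passing
// fewer arguments than `count` reads past the real arguments.
Node* make_node_va(int type, int count, ...)
{
    if (count < 0 || count > 4)
        return nullptr;
    Node* n = new Node{type, count, {}};
    va_list ap;
    va_start(ap, count);
    for (int i = 0; i < count; ++i)
        n->args[i] = va_arg(ap, Node*);
    va_end(ap);
    return n;
}

// Only real node pointers and nullptr are accepted as arguments.
inline Node* as_node(Node* p) { return p; }
inline Node* as_node(std::nullptr_t) { return nullptr; }
Node* as_node(int) = delete;  // a bare 0 deduces as int and is rejected

// "After" shape: arity is a template parameter checked against the number
// of arguments, and every argument is converted through as_node().
template <int Arity, typename... Args>
Node* make_node_typed(int type, Args... args)
{
    static_assert(Arity >= 0 && Arity <= 4, "node has at most 4 slots");
    static_assert(sizeof...(Args) == Arity, "wrong number of node arguments");
    Node* slots[] = { as_node(args)..., nullptr };  // sentinel keeps array non-empty
    Node* n = new Node{type, Arity, {}};
    for (int i = 0; i < Arity; ++i)
        n->args[i] = slots[i];
    return n;
}
```

With this wrapper, `make_node_typed<4>(t, a, 0, 0)` fails to compile twice over: three arguments for arity 4, and `0` selecting the deleted `as_node(int)` overload.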

@firebird-issue-importer firebird-issue-importer commented Jun 1, 2008

Modified by: @asfernandes

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 2.5 Alpha 1 [ 10224 ]

Fix Version: 2.1.2 [ 10270 ]

Fix Version: 2.0.5 [ 10222 ]

assignee: Adriano dos Santos Fernandes [ asfernandes ]

@firebird-issue-importer firebird-issue-importer commented Jun 1, 2008

Commented by: @asfernandes

Test case for V2.5 crash:

execute block
as
begin
execute statement 'insert into x values (1)';
end!

@firebird-issue-importer firebird-issue-importer commented Nov 18, 2008

Modified by: @pcisar

status: Resolved [ 5 ] => Closed [ 6 ]

@firebird-issue-importer firebird-issue-importer commented Jan 19, 2016

Modified by: @pavel-zotov

QA Status: No test

@firebird-issue-importer firebird-issue-importer commented Mar 6, 2018

Modified by: @pavel-zotov

status: Closed [ 6 ] => Closed [ 6 ]

QA Status: No test => Not enough information
