MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events

sujatha-s · sujatha-s · commit 15781283eb4e · 2020-01-07T18:27:05.000+05:30
Problem:
========
SHOW BINLOG EVENTS FROM &lt;pos&gt; reports following ASAN error

AddressSanitizer: heap-buffer-overflow on address
String::append(char const*, unsigned int)
Query_log_event::pack_info(Protocol*)

Fix:
===
**Part5: Added check to catch buffer overflow**
diff --git a/sql/log_event.cc b/sql/log_event.cc
@@ -3815,7 +3815,9 @@ Query_log_event::Query_log_event(const char* buf, uint event_len,
 
   uint32 max_length= uint32(event_len - ((const char*)(end + db_len + 1) -
                                          (buf - common_header_len)));
-  if (q_len != max_length)
+  if (q_len != max_length ||
+      (event_len < uint((const char*)(end + db_len + 1) -
+                        (buf - common_header_len))))
   {
     q_len= 0;
     query= NULL;
