Package: libmariadb3
Version: 1:10.3.22-0+deb10u1
Severity: important
Tags: patch

Hi,

The issue is described at https://github.com/perl5-dbi/DBD-mysql/issues/306
The following Perl script segfaults quite regularly:

use Test::More;
use DBI;

my $dbname = 'mysql';
my $user = 'user';
my $password = 'password';
chomp $password;
my $dbh = DBI->connect("dbi:mysql:$dbname;host=localhost",$user, $password,
    { mysql_auto_reconnect => 0 });
$dbh->disconnect();
ok( ! $dbh->ping(), 'dbh is disconnected and did not segv');

done_testing();

The problem is that mysql_close frees a couple of objects, but does not
set the pointer to those objects to NULL.  The ping() call references
freed memory and behavior is undefined.

The patch below fixes the problem.

Regards,

Dianne.

===================================================================
--- mariadb-10.3-10.3.22.orig/libmariadb/libmariadb/mariadb_lib.c
+++ mariadb-10.3-10.3.22/libmariadb/libmariadb/mariadb_lib.c
@@ -2000,6 +2000,8 @@ mysql_close(MYSQL *mysql)
     if (mysql->extension)
       free(mysql->extension);
 
+    mysql->net.extension = NULL;
+    mysql->extension = NULL;
     mysql->net.pvio= 0;
     if (mysql->free_me)
       free(mysql);
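Review bot: The two new NULL assignments sit above `if (mysql->free_me) free(mysql);`, so they only protect a caller-owned handle. When free_me is set the whole struct is freed a few lines later, and a ping on that pointer is still a use after free; a short comment saying which case this covers would help. The fix also relies on every later reader of mysql->extension and mysql->net.extension testing for NULL before dereferencing, which this hunk does not show, so the NULL-handle path should be checked (or a test based on the reporter's script added). The free of mysql->net.extension is outside the visible context; placing each reset directly after its matching free would keep the pairs from drifting apart. Minor style point: the neighbouring line is written `mysql->net.pvio= 0;`, so the new lines should follow whichever spacing and 0/NULL convention the file uses.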
===================================================================


-- System Information:
Debian Release: 10.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.7.11 (SMP w/12 CPU cores)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
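
The close-then-ping sequence described in the report above, as an added example that is not part of the original report and is not libmariadb code. The struct and the model_* functions are a hypothetical, simplified model: close clears every pointer it frees, and ping refuses a closed handle instead of dereferencing it.

```c
/* Simplified model of the close/ping sequence in the report.
 * All names here are hypothetical, not libmariadb's. */
#include <stdio.h>
#include <stdlib.h>

struct model_net  { void *pvio; void *extension; };
struct model_conn { struct model_net net; void *extension; int free_me; };

/* Caller-owned handle (free_me == 0): the struct outlives model_close(). */
int model_init(struct model_conn *c)
{
    c->net.pvio = malloc(16);
    c->net.extension = malloc(16);
    c->extension = malloc(16);
    c->free_me = 0;
    return (c->net.pvio && c->net.extension && c->extension) ? 0 : -1;
}

/* Release owned objects and clear each pointer right after its free, so
 * the surviving handle holds no dangling references. */
void model_close(struct model_conn *c)
{
    if (!c) return;
    free(c->net.pvio);       c->net.pvio = NULL;
    free(c->net.extension);  c->net.extension = NULL;
    free(c->extension);      c->extension = NULL;
    if (c->free_me)
        free(c);  /* library-owned handle: the caller must drop its pointer */
}

/* Report "disconnected" for a closed handle rather than touching it. */
int model_ping(const struct model_conn *c)
{
    if (!c || !c->net.pvio || !c->net.extension || !c->extension)
        return -1;
    return 0;
}

int main(void)
{
    struct model_conn c;
    if (model_init(&c) != 0) return 1;
    printf("ping before close: %d\n", model_ping(&c));
    model_close(&c);
    model_close(&c);  /* second close is harmless: free(NULL) is a no-op */
    printf("ping after close:  %d\n", model_ping(&c));
    return 0;
}
```

Without the three resets in model_close(), the second close would double-free and model_ping() would see stale non-NULL pointers.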
