DBD-mysql icon indicating copy to clipboard operation
DBD-mysql copied to clipboard

Published 20 hours ago verified publisher icon perl5-dbi

Execution of case with core occurrence

Open deskau opened this issue 2 years ago • 4 comments

rt61849-bind-param-buffer-overflow.t , A core occurred while executing this case The content is as follows: use strict; use warnings;

use Test::More; use DBI;

use vars qw($test_dsn $test_user $test_password); #require "t/lib.pl";

my $INSECURE_VALUE_FROM_USER = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";

my $dbh = eval { DBI->connect("DBI:mysql:database=xx;host=xxx;port=3306", 'xxxx', "xxxxx", { PrintError => 0, RaiseError => 1, AutoCommit => 0 }) }; plan skip_all => "no database connection" if $@ or not $dbh;

plan tests => 2; my $sth = $dbh->prepare("select * from unknown_table where id=?"); eval { $sth->bind_param(1, $INSECURE_VALUE_FROM_USER, 3) }; like $@, qr/Binding non-numeric field 1, value '$INSECURE_VALUE_FROM_USER' as a numeric!/, "bind_param failed on incorrect numeric value"; pass "perl interpreter did not crash";

deskau avatar Jun 01 '23 06:06 deskau

Parsing the core: (gdb) bt #0 0x00007f9578db3277 in raise () from /lib64/libc.so.6 #1 0x00007f9578db4968 in abort () from /lib64/libc.so.6 #2 0x00007f9578df5d37 in __libc_message () from /lib64/libc.so.6 #3 0x00007f9578e956e7 in __fortify_fail () from /lib64/libc.so.6 #4 0x00007f9578e93862 in __chk_fail () from /lib64/libc.so.6 #5 0x00007f9578e92d6b in _IO_str_chk_overflow () from /lib64/libc.so.6 #6 0x00007f9578df9e01 in _IO_default_xsputn () from /lib64/libc.so.6 #7 0x00007f9578dc9ed3 in vfprintf () from /lib64/libc.so.6 #8 0x00007f9578e92df8 in __vsprintf_chk () from /lib64/libc.so.6 #9 0x00007f9578e92d4d in __sprintf_chk () from /lib64/libc.so.6 #10 0x00007f957201a78f in mysql_bind_ph () from /usr/lib64/perl5/vendor_perl/auto/DBD/mysql/mysql.so #11 0x00007f957202127a in XS_DBD__mysql__st_bind_param () from /usr/lib64/perl5/vendor_perl/auto/DBD/mysql/mysql.so #12 0x00007f9572444707 in XS_DBI_dispatch () from /usr/lib64/perl5/vendor_perl/auto/DBI/DBI.so #13 0x00007f957a1956ef in Perl_pp_entersub () from /usr/lib64/perl5/CORE/libperl.so #14 0x00007f957a18de66 in Perl_runops_standard () from /usr/lib64/perl5/CORE/libperl.so #15 0x00007f957a12aa75 in perl_run () from /usr/lib64/perl5/CORE/libperl.so #16 0x0000000000400d09 in main () (gdb)

deskau avatar Jun 01 '23 07:06 deskau

This looks like as one of the issue which I fixing in the past for DBD-MariaDB. Could you check if DBD-MariaDB is (not) affected?

pali avatar Jun 01 '23 07:06 pali

I use MySQL and Oceanbase databases, both of which are capable of core. Sorry, I don't have a MariaDB environment here

deskau avatar Jun 01 '23 07:06 deskau

Well, the point is that https://github.com/perl5-dbi/DBD-MariaDB driver supports both MySQL and MariaDB servers. So if the DBD-mysql is crashing you can try DBD-MariaDB for your MySQL application.

pali avatar Jun 11 '23 14:06 pali