SHOW PROCESSLIST reference to THD::db not protected against simultaneous updates
Bug #1173282 reported by
Laurynas Biveinis
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Percona Server moved to https://jira.percona.com/projects/PS | Status tracked in 5.7 | |||||
5.1 |
Won't Fix
|
Medium
|
Unassigned | |||
5.5 |
Triaged
|
Medium
|
Unassigned | |||
5.6 |
Triaged
|
Medium
|
Unassigned | |||
5.7 |
Triaged
|
Medium
|
Unassigned |
Bug Description
Original report at https:/
SHOW PROCESSLIST accesses the current db (THD::db) of each thread without
any protection against simultaneous update (by THD::set_db()).
if ((thd_info-
This can result in reading free()d memory, in theory returning sensitive data
or even crashing (if free() decided to munmap() the memory).
A possible solution is to protect THD::set_db() calls, as well as reading of
THD::db from SHOW PROCESSLIST, by the LOCK_thd_data mutex.
tags: | added: processlist |
To post a comment you must log in.
Percona now uses JIRA for bug reports so this bug report is migrated to: https:/ /jira.percona. com/browse/ PS-1359