From 1a76d2d06f8ca43bf69d35b35e8d31a20cd0e73e Mon Sep 17 00:00:00 2001 From: VilhoRaatikka Date: Sat, 17 Jan 2015 01:24:56 +0200 Subject: [PATCH] Fix to bug #698, http://bugs.mariadb.com/show_bug.cgi?id=698 debugcmd.c:convert_arg returned zero if argument is invalid. That zero was cast to pointer. Using it caused NULL-pointer references. Changed the return value indicating about error to 0x1 which is then handled properly. --- server/modules/routing/debugcmd.c | 34 ++++++++++++++++++++++++------- 1 file changed, 27 insertions(+), 7 deletions(-) diff --git a/server/modules/routing/debugcmd.c b/server/modules/routing/debugcmd.c index 545aff554..1b2da40c1 100644 --- a/server/modules/routing/debugcmd.c +++ b/server/modules/routing/debugcmd.c @@ -571,7 +571,7 @@ flushlog(DCB *pdcb, char *logname) else { dcb_printf(pdcb, "Unexpected logfile name, expected " - "error, message, trace oe debug.\n"); + "error, message, trace or debug.\n"); } } @@ -666,11 +666,19 @@ SERVICE *service; case ARG_TYPE_SERVICE: if (mode == CLIM_USER || (rval = (unsigned long)strtol(arg, NULL, 0)) == 0) rval = (unsigned long)service_find(arg); - return rval; + + if (rval) + return rval; + else + return 0x1; /*< invalid argument */ case ARG_TYPE_SERVER: if (mode == CLIM_USER || (rval = (unsigned long)strtol(arg, NULL, 0)) == 0) rval = (unsigned long)server_find_by_unique_name(arg); - return rval; + + if (rval) + return rval; + else + return 0x1; /*< invalid argument */ case ARG_TYPE_DBUSERS: if (mode == CLIM_USER || (rval = (unsigned long)strtol(arg, NULL, 0)) == 0) { @@ -684,21 +692,33 @@ SERVICE *service; case ARG_TYPE_DCB: rval = (unsigned long)strtol(arg, NULL, 0); if (mode == CLIM_USER && dcb_isvalid((DCB *)rval) == 0) - rval = 0; + rval = 0x1; /*< invalid argument */ return rval; case ARG_TYPE_SESSION: rval = (unsigned long)strtol(arg, NULL, 0); if (mode == CLIM_USER && session_isvalid((SESSION *)rval) == 0) rval = 0; - return rval; + + if (rval) + return rval; + else + return 0x1; /*< invalid argument */ case ARG_TYPE_MONITOR: if (mode == CLIM_USER || (rval = (unsigned long)strtol(arg, NULL, 0)) == 0) rval = (unsigned long)monitor_find(arg); - return rval; + + if (rval) + return rval; + else + return 0x1; /*< invalid argument */ case ARG_TYPE_FILTER: if (mode == CLIM_USER || (rval = (unsigned long)strtol(arg, NULL, 0)) == 0) rval = (unsigned long)filter_find(arg); - return rval; + + if (rval) + return rval; + else + return 0x1; /*< invalid argument */ case ARG_TYPE_NUMERIC: { int i;