From 5ab5e914e79b2ca48aed23938128a61cfbcafc89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= Date: Fri, 28 Jun 2019 09:13:11 +0300 Subject: [PATCH] MXS-2582: Deep-copy PS buffers in RWBackend::write Deep-copying prevents subsequent modifications done by the caller from affecting the data that can be potentially stored in the write queue of the backend's DCB. --- server/modules/protocol/MySQL/rwbackend.cc | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/server/modules/protocol/MySQL/rwbackend.cc b/server/modules/protocol/MySQL/rwbackend.cc index 1b460e59a..0840c6cb6 100644 --- a/server/modules/protocol/MySQL/rwbackend.cc +++ b/server/modules/protocol/MySQL/rwbackend.cc @@ -88,6 +88,14 @@ bool RWBackend::write(GWBUF* buffer, response_type type) if (mxs_mysql_is_ps_command(cmd)) { + // We need to completely separate the buffer this backend owns and the one that the caller owns to + // prevent any modifications from affecting the one that was written through this backend. If the + // buffer gets placed into the write queue of the DCB, subsequent modifications to the original buffer + // would be propagated to the one this backend owns. + GWBUF* tmp = gwbuf_deep_clone(buffer); + gwbuf_free(buffer); + buffer = tmp; + uint32_t id = mxs_mysql_extract_ps_id(buffer); BackendHandleMap::iterator it = m_ps_handles.find(id);