apr-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 56330] New: APR_DBD_MYSQL.c error
Date Sat, 29 Mar 2014 02:26:14 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=56330

            Bug ID: 56330
           Summary: APR_DBD_MYSQL.c error
           Product: APR
           Version: 1.5.3
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: APR-util
          Assignee: bugs@apr.apache.org
          Reporter: weiqiang_li@hotmail.com

There is a bug or a mixture in the file's *dbd_mysql_end_transaction* function:
static int dbd_mysql_end_transaction(apr_dbd_transaction_t *trans)
{
    int ret = -1;
    if (trans) {
        /* rollback on error or explicit rollback request */
        if (trans->errnum || TXN_DO_ROLLBACK(trans)) {
            trans->errnum = 0;
            ret = mysql_rollback(trans->handle->conn);
        }
        else {
            ret = mysql_commit(trans->handle->conn);
        }
    }
    ret |= mysql_autocommit(trans->handle->conn, 1);
    trans->handle->trans = NULL;
    return ret;
}

This function was called only by *dbd_mysql_transaction* function:
static int dbd_mysql_transaction(apr_pool_t *pool, apr_dbd_t *handle,
                                 apr_dbd_transaction_t **trans)
{
    /* Don't try recursive transactions here */
    if (handle->trans) {
        dbd_mysql_end_transaction(handle->trans) ;
    }
    if (!*trans) {
        *trans = apr_pcalloc(pool, sizeof(apr_dbd_transaction_t));
    }
    (*trans)->errnum = mysql_autocommit(handle->conn, 0);
    (*trans)->handle = handle;
    handle->trans = *trans;
    return (*trans)->errnum;
}

As we can see, the trans is guaranteed to be not NULL when it called
*dbd_mysql_end_transaction*, so it is no need to check it again in the
function.
What's mare, the check for trans value in *dbd_mysql_end_transaction* has no
proper scope: it dereferences trans even though it is NULL(This will generate a
segmentfault).

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@apr.apache.org
For additional commands, e-mail: bugs-help@apr.apache.org


Mime
View raw message