[debian-mysql] Bug#477072: mysql-server-5.0: Arbitrary data input plus GIS functions, causes mysql server crash
tabris
tabris at tabris.net
Sat Aug 23 18:04:08 UTC 2008
Norbert Tretkowski wrote:
> Am Montag, den 18.08.2008, 09:22 -0700 schrieb tabris:
>
>> This bug has been sitting around since July w/o a resolution.
>>
>> I tracked it down to a difference between i386 builds and AMD64. The
>> crash only occurs on AMD64. I think this is an important bug to be fixed
>> as it results in a minor reproducible DoS/data-loss (of temporary tables
>> and heap tables).
>>
>> At this point I am unclear on what to do about it, especially as I
>> contacted the maintainer directly 3 weeks ago and still have yet to
>> receive a response.
>>
>
> I am still unable to reproduce this crash, even on amd64. I get a bunch
> of syntax errors when sourcing country.sql, but no crash when sourcing
> mysql-crash.sql.
>
> Norbert
>
>
Find attached a clean copy of both files, and a tarball of them.
I'm guessing that the country.sql may have been corrupted somehow, thus
the syntax errors.
Also, just updated to 5.0.51a-12, and it still happens.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: country.sql
Url: http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20080823/03e5bfb8/attachment-0002.txt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: mysql-crash.sql
Url: http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20080823/03e5bfb8/attachment-0003.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 477072.tar.bz2
Type: application/octet-stream
Size: 7308 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20080823/03e5bfb8/attachment-0001.obj
More information about the pkg-mysql-maint
mailing list