File perl-DBD-mysql-4.021-CVE-2017-10788.patch of Package perl-DBD-mysql

Overview Repositories Revisions Requests Users Attributes Meta

File perl-DBD-mysql-4.021-CVE-2017-10788.patch of Package perl-DBD-mysql

From 9ce10cfae7138c37c3a0cb2ba2a1d682482943d0 Mon Sep 17 00:00:00 2001
From: Pali <pali@cpan.org>
Date: Sun, 25 Jun 2017 10:07:39 +0200
Subject: [PATCH] Fix use-after-free after calling mysql_stmt_close()

Ignore return value from mysql_stmt_close() and also its error message
because it points to freed memory after mysql_stmt_close() was called.
---
 dbdimp.c |    8 ++------
 mysql.xs |    7 ++-----
 2 files changed, 4 insertions(+), 11 deletions(-)

Index: DBD-mysql-4.021/dbdimp.c
===================================================================
--- DBD-mysql-4.021.orig/dbdimp.c
+++ DBD-mysql-4.021/dbdimp.c
@@ -4129,12 +4129,8 @@ void dbd_st_destroy(SV *sth, imp_sth_t *
 
   if (imp_sth->stmt)
   {
-    if (mysql_stmt_close(imp_sth->stmt))
-    {
-      do_error(DBIc_PARENT_H(imp_sth), mysql_stmt_errno(imp_sth->stmt),
-          mysql_stmt_error(imp_sth->stmt),
-          mysql_stmt_sqlstate(imp_sth->stmt));
-    }
+    mysql_stmt_close(imp_sth->stmt);
+    imp_sth->stmt= NULL;
   }
 #endif
 
Index: DBD-mysql-4.021/mysql.xs
===================================================================
--- DBD-mysql-4.021.orig/mysql.xs
+++ DBD-mysql-4.021/mysql.xs
@@ -398,11 +398,8 @@ do(dbh, statement, attr=Nullsv, ...)
       if (bind)
         Safefree(bind);
 
-      if(mysql_stmt_close(stmt))
-      {
-        fprintf(stderr, "\n failed while closing the statement");
-        fprintf(stderr, "\n %s", mysql_stmt_error(stmt));
-      }
+      mysql_stmt_close(stmt);
+      stmt= NULL;
     }
   }

Places

File perl-DBD-mysql-4.021-CVE-2017-10788.patch of Package perl-DBD-mysql

Places