Bug#29998457 - MYSQLDUMP GENERATES INVALID INSERT

Anushree Prakash B · Anushree Prakash B · commit f45b87a9937d · 2020-04-13T13:25:14.000+05:30
STATEMENTS WITH VARBINARY COLUMNS

DESCRIPTION
===========
Binary and varbinary columns are now tagged with "_binary "
in the mysqldump output. However, the memory allocated for
the insert statement does not take the length of the
'_binary ' string into account. The resulting pointer
arithmetic causes invalid insert statements being generated
in the mysqldump output.

FIX
===
Account the memory for the "_binary " string that gets
added in front of the string while reallocating the memory.

RB: 24098
diff --git a/client/mysqldump.c b/client/mysqldump.c
@@ -1,5 +1,5 @@
 /*
-   Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License, version 2.0,
@@ -4043,16 +4043,19 @@ static void dump_table(char *table, char *db)
               if (!(field->flags & NUM_FLAG))
               {
                 /*
-                  "length * 2 + 2" is OK for both HEX and non-HEX modes:
+                  "length * 2 + 2" is OK for HEX mode:
                   - In HEX mode we need exactly 2 bytes per character
                   plus 2 bytes for '0x' prefix.
                   - In non-HEX mode we need up to 2 bytes per character,
-                  plus 2 bytes for leading and trailing '\'' characters.
-                  Also we need to reserve 1 byte for terminating '\0'.
+                  plus 2 bytes for leading and trailing '\'' characters
+                  and reserve 1 byte for terminating '\0'.
+                  In addition to this, for the blob type, we need to
+                  reserve for the "_binary " string that gets added in
+                  front of the string in the dump.
                 */
-                dynstr_realloc_checked(&extended_row,length * 2 + 2 + 1);
                 if (opt_hex_blob && is_blob)
                 {
+                  dynstr_realloc_checked(&extended_row,length * 2 + 2 + 1);
                   dynstr_append_checked(&extended_row, "0x");
                   extended_row.length+= mysql_hex_string(extended_row.str +
                                                          extended_row.length,
@@ -4063,6 +4066,8 @@ static void dump_table(char *table, char *db)
                 }
                 else
                 {
+                  dynstr_realloc_checked(&extended_row,length * 2 + 2 + 1 +
+                                         (is_blob? strlen("_binary ") : 0));
                   if (is_blob)
                   {
                     /*
diff --git a/mysql-test/r/mysqldump_bug29998457.result b/mysql-test/r/mysqldump_bug29998457.result
@@ -0,0 +1,41 @@
+# Bug#29998457 MYSQLDUMP GENERATES INVALID INSERT STATEMENTS WITH VARBINARY COLUMNS
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE = '';
+Warnings:
+Warning	3090	Changing sql mode 'NO_AUTO_CREATE_USER' is deprecated. It will be removed in a future release.
+CREATE DATABASE test_bug29998457;
+USE test_bug29998457;
+#Pre-test cleanup
+DROP TABLE IF EXISTS t1;
+CREATE TABLE t1 (
+pk INT,
+v1 VARCHAR(255),
+v2 VARCHAR(255),
+v3 VARCHAR(255),
+v4 VARCHAR(128),
+v5 VARCHAR(64),
+v6 VARCHAR(16),
+v7 VARCHAR(16),
+v8 VARCHAR(8),
+v9 VARBINARY(32),
+v10 VARBINARY(32));
+SELECT '12345678901234567890123456789012345678901234567890' INTO @s;
+SELECT CONCAT(@s, @s, @s, @s, @s) INTO @s1;
+INSERT INTO t1 VALUES (1, @s1, @s1, @s1, @s1, @s1, @s1, @s1, @s1, '','NULL');
+Warnings:
+Warning	1265	Data truncated for column 'v4' at row 1
+Warning	1265	Data truncated for column 'v5' at row 1
+Warning	1265	Data truncated for column 'v6' at row 1
+Warning	1265	Data truncated for column 'v7' at row 1
+Warning	1265	Data truncated for column 'v8' at row 1
+SELECT * FROM test_bug29998457.t1;
+pk	v1	v2	v3	v4	v5	v6	v7	v8	v9	v10
+1	1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890	1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890	1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890	12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678	1234567890123456789012345678901234567890123456789012345678901234	1234567890123456	1234567890123456	12345678		NULL
+Warning (Code 3090): Changing sql mode 'NO_AUTO_CREATE_USER' is deprecated. It will be removed in a future release.
+Warning (Code 3090): Changing sql mode 'NO_AUTO_CREATE_USER' is deprecated. It will be removed in a future release.
+SELECT * FROM test_bug29998457.t1;
+pk	v1	v2	v3	v4	v5	v6	v7	v8	v9	v10
+1	1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890	1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890	1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890	12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678	1234567890123456789012345678901234567890123456789012345678901234	1234567890123456	1234567890123456	12345678		NULL
+DROP DATABASE test_bug29998457;
+SET SQL_MODE = @OLD_SQL_MODE;
+Warnings:
+Warning	3090	Changing sql mode 'NO_AUTO_CREATE_USER' is deprecated. It will be removed in a future release.
diff --git a/mysql-test/t/mysqldump_bug29998457.test b/mysql-test/t/mysqldump_bug29998457.test
@@ -0,0 +1,47 @@
+# Embedded server doesn't support external clients
+--source include/not_embedded.inc
+
+--echo # Bug#29998457 MYSQLDUMP GENERATES INVALID INSERT STATEMENTS WITH VARBINARY COLUMNS
+
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE = '';
+let $mysqldumpfile = $MYSQLTEST_VARDIR/tmp/bug29998457.sql;
+CREATE DATABASE test_bug29998457;
+USE test_bug29998457;
+
+--echo #Pre-test cleanup
+--disable_warnings
+DROP TABLE IF EXISTS t1;
+--enable_warnings
+
+CREATE TABLE t1 (
+pk INT,
+v1 VARCHAR(255),
+v2 VARCHAR(255),
+v3 VARCHAR(255),
+v4 VARCHAR(128),
+v5 VARCHAR(64),
+v6 VARCHAR(16),
+v7 VARCHAR(16),
+v8 VARCHAR(8),
+v9 VARBINARY(32),
+v10 VARBINARY(32));
+
+SELECT '12345678901234567890123456789012345678901234567890' INTO @s;
+
+SELECT CONCAT(@s, @s, @s, @s, @s) INTO @s1;
+
+INSERT INTO t1 VALUES (1, @s1, @s1, @s1, @s1, @s1, @s1, @s1, @s1, '','NULL');
+
+SELECT * FROM test_bug29998457.t1;
+
+--exec $MYSQL_DUMP --skip-comments test_bug29998457 > $mysqldumpfile
+--exec $MYSQL --show-warnings test_bug29998457 < $mysqldumpfile
+
+# Ensure that there were no invalid insert statements generated in the mysqldump
+# output and the dump was restored properly.
+SELECT * FROM test_bug29998457.t1;
+
+#Cleanup
+--remove_file $mysqldumpfile
+DROP DATABASE test_bug29998457;
+SET SQL_MODE = @OLD_SQL_MODE;
