
Commit f9fe805

committed
Handle OOM in block_alloc_get_chunk, and also in the caller
in mysqlnd_wireprotocol.c
1 parent 864f2da commit f9fe805


2 files changed

+27
-22
lines changed


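--- a/ext/mysqlnd/mysqlnd_block_alloc.c
+++ b/ext/mysqlnd/mysqlnd_block_alloc.c
@@ -119,29 +119,30 @@ MYSQLND_MEMORY_POOL_CHUNK * mysqlnd_mempool_get_chunk(MYSQLND_MEMORY_POOL * pool
 DBG_ENTER("mysqlnd_mempool_get_chunk");
 
 chunk = mnd_malloc(sizeof(MYSQLND_MEMORY_POOL_CHUNK));
-
-chunk->free_chunk = mysqlnd_mempool_free_chunk;
-chunk->resize_chunk = mysqlnd_mempool_resize_chunk;
-chunk->size = size;
-/*
-Should not go over MYSQLND_MAX_PACKET_SIZE, since we
-expect non-arena memory in mysqlnd_wireprotocol.c . We
-realloc the non-arena memory.
-*/
-chunk->pool = pool;
-if (size > pool->free_size) {
-chunk->from_pool = FALSE;
-chunk->ptr = mnd_malloc(size);
-if (!chunk->ptr) {
-chunk->free_chunk(chunk TSRMLS_CC);
-chunk = NULL;
+if (chunk) {
+chunk->free_chunk = mysqlnd_mempool_free_chunk;
+chunk->resize_chunk = mysqlnd_mempool_resize_chunk;
+chunk->size = size;
+/*
+Should not go over MYSQLND_MAX_PACKET_SIZE, since we
+expect non-arena memory in mysqlnd_wireprotocol.c . We
+realloc the non-arena memory.
+*/
+chunk->pool = pool;
+if (size > pool->free_size) {
+chunk->from_pool = FALSE;
+chunk->ptr = mnd_malloc(size);
+if (!chunk->ptr) {
+chunk->free_chunk(chunk TSRMLS_CC);
+chunk = NULL;
+}
+} else {
+chunk->from_pool = TRUE;
+++pool->refcount;
+chunk->ptr = pool->arena + (pool->arena_size - pool->free_size);
+/* Last step, update free_size */
+pool->free_size -= size;
 }
-} else {
-chunk->from_pool = TRUE;
-++pool->refcount;
-chunk->ptr = pool->arena + (pool->arena_size - pool->free_size);
-/* Last step, update free_size */
-pool->free_size -= size;
 }
 DBG_RETURN(chunk);
 }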
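Review bot: mysqlnd_mempool_get_chunk now has two NULL-returning paths (the header `mnd_malloc` and the non-arena `mnd_malloc(size)`), but nothing at the function tells callers they must check the result; a comment above the definition such as `/* Returns NULL if the chunk header or the non-arena buffer cannot be allocated. */` would make the contract explicit. This commit updates one caller in mysqlnd_wireprotocol.c; any other get_chunk callers are not visible here and should be checked for the same NULL handling. The inner failure path also calls `chunk->free_chunk(chunk TSRMLS_CC)` with `chunk->ptr == NULL`, which is safe only if mysqlnd_mempool_free_chunk tolerates a NULL ptr when `from_pool` is FALSE; that function is outside the hunk. The definition's signature and local declarations start above the hunk.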

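--- a/ext/mysqlnd/mysqlnd_wireprotocol.c
+++ b/ext/mysqlnd/mysqlnd_wireprotocol.c
@@ -1136,6 +1136,10 @@ php_mysqlnd_read_row_ex(MYSQLND * conn, MYSQLND_MEMORY_POOL * result_set_memory_
 to be able to implement read-only variables. Thus, we add + 1.
 */
 *buffer = result_set_memory_pool->get_chunk(result_set_memory_pool, *data_size + 1 TSRMLS_CC);
+if (!*buffer) {
+ret = FAIL;
+break;
+}
 p = (*buffer)->ptr;
 } else if (!first_iteration) {
 /* Empty packet after MYSQLND_MAX_PACKET_SIZE packet. That's ok, break */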
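Review bot: The new `if (!*buffer)` guard covers allocation failure, but the size handed to get_chunk, `*data_size + 1`, is still not range-checked in the visible lines. If `*data_size` is wider than get_chunk's size parameter or can reach its maximum (the types are declared outside this hunk, so this is inferred), the sum could wrap or truncate and yield a chunk smaller than the data later written through `p`. A guard before the call, for example `if (*data_size + 1 < *data_size) { ret = FAIL; break; }` together with a comparison against the parameter type's limit, would close that. php_mysqlnd_read_row_ex starts and ends outside the hunk, so whether the cleanup after `break` copes with a NULL `*buffer` cannot be confirmed here.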
