tdbc::mysql

View Ticket
Ticket UUID: 040c635cb3fb898bef4ec87c60c9d09a64c504c6
Title: tdbc::mysql crashes tcl
Status: Open
Type: Code_Defect
Severity: Critical
Priority:
Subsystem:
Resolution:
Last Modified: 2018-10-08 17:19:05
Version Found In: latest
User Comments:
anonymous added on 2018-10-08 17:19:05:
Hi all,

It seems that tdbc::mysql tries to dynamically load the MySQL client library, but no check is made whether it has actually been loaded. This trivially leads to the following crash when using the package:

#0  0x0000000000000000 in ?? ()
#1  0x00007fffe2af30bc in ConfigureConnection ()
   from /opt/BAWT/Tcl/lib/tdbcmysql1.0.5/libtdbcmysql1.0.5.so
#2  0x00007fffe2af3366 in ConnectionConstructor ()
   from /opt/BAWT/Tcl/lib/tdbcmysql1.0.5/libtdbcmysql1.0.5.so
#3  0x00007ffff7b6bb1b in TclOO_Class_Create ()
   from /home/tcl/bawt/BawtBuild/Linux/x64/Release/Install/Tcl/lib/libtcl8.7.so
#4  0x00007ffff7b69f83 in TclOOObjectCmdCore ()
   from /home/tcl/bawt/BawtBuild/Linux/x64/Release/Install/Tcl/lib/libtcl8.7.so
#5  0x00007ffff7a63087 in TclNRRunCallbacks ()
   from /home/tcl/bawt/BawtBuild/Linux/x64/Release/Install/Tcl/lib/libtcl8.7.so
#6  0x00007ffff7a64f29 in TclEvalEx ()
   from /home/tcl/bawt/BawtBuild/Linux/x64/Release/Install/Tcl/lib/libtcl8.7.so
#7  0x00007ffff7b2cc69 in TclSubstTokens ()
   from /home/tcl/bawt/BawtBuild/Linux/x64/Release/Install/Tcl/lib/libtcl8.7.so
#8  0x00007ffff7a64d73 in TclEvalEx ()
   from /home/tcl/bawt/BawtBuild/Linux/x64/Release/Install/Tcl/lib/libtcl8.7.so
#9  0x00007ffff7b19cd2 in Tcl_FSEvalFileEx ()
   from /home/tcl/bawt/BawtBuild/Linux/x64/Release/Install/Tcl/lib/libtcl8.7.so
#10 0x00007ffff7b21187 in Tcl_MainEx ()
   from /home/tcl/bawt/BawtBuild/Linux/x64/Release/Install/Tcl/lib/libtcl8.7.so
#11 0x0000000000400784 in main ()

Somewhere in ConfigureConnection(), a NULL pointer is called, without checking if it is NULL.

And this happens very easily: just run tdbc::mysql on any Fedora distribution (which uses MariaDB by default, and the client is named /usr/lib64/libmariadb.so.3).
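
The check the report says is missing, as an added example that is not part of the ticket and is not tdbc::mysql's own code. It assumes the POSIX dlopen/dlsym loader; struct client_stubs, load_client and the candidate name and symbol lists are hypothetical names constructed for illustration.

```c
#include <dlfcn.h>
#include <stdio.h>
#include <string.h>
#define NSYMS 2
typedef void (*fnptr)(void);
/* Hypothetical stub table: one slot per function resolved at run time. */
struct client_stubs { void *handle; fnptr fn[NSYMS]; };

/* Try each candidate name; accept a library only if every symbol resolves.
 * On failure the table stays zeroed, err holds the reason, and -1 is returned. */
int load_client(struct client_stubs *s, const char *const *libs,
                const char *const *syms, char *err, size_t errlen)
{
    memset(s, 0, sizeof *s);
    snprintf(err, errlen, "no candidate library names given");
    for (; *libs != NULL; libs++) {
        void *h = dlopen(*libs, RTLD_NOW | RTLD_LOCAL);
        if (h == NULL) {
            snprintf(err, errlen, "cannot load %s: %s", *libs, dlerror());
            continue;
        }
        int i;
        for (i = 0; i < NSYMS; i++) {
            void *p = dlsym(h, syms[i]);
            if (p == NULL) break;
            memcpy(&s->fn[i], &p, sizeof p);   /* void * -> function pointer */
        }
        if (i == NSYMS) { s->handle = h; err[0] = '\0'; return 0; }
        snprintf(err, errlen, "%s lacks symbol %s", *libs, syms[i]);
        dlclose(h);
        memset(s, 0, sizeof *s);
    }
    return -1;
}

int main(void)
{
    /* Constructed candidate list; sonames differ between distributions. */
    const char *const libs[] = { "libmysqlclient.so", "libmariadb.so.3", NULL };
    const char *const syms[NSYMS] = { "mysql_init", "mysql_real_connect" };
    struct client_stubs s;
    char err[256];
    if (load_client(&s, libs, syms, err, sizeof err) != 0) {
        fprintf(stderr, "client library unavailable: %s\n", err);
        return 1;   /* report the failure instead of calling through NULL */
    }
    puts("client library loaded, all stubs resolved");
    return 0;
}
```

On older glibc versions, link with -ldl.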