Memory Allocation Issue in ProxySQL_Cluster::pull_mysql_servers_v2_from_peer
SuJinpei opened this issue · 1 comments
SuJinpei commented
Description of the Issue
There is a potential buffer overflow vulnerability in the ProxySQL_Cluster::pull_mysql_servers_v2_from_peer function within the ProxySQL_Cluster.cpp file. Specifically, in the code that inserts data into the mysql_servers table, the memory allocation for the query string uses an incorrect variable, which could lead to insufficient memory allocation and subsequent buffer overflow.
ProxySQL Version
v2.x
Steps to Reproduce
- Open the ProxySQL_Cluster.cpp file.
- Locate the ProxySQL_Cluster::pull_mysql_servers_v2_from_peer function.
- Find the following line of code:
  char *query = (char *)malloc(strlen(q)+i+strlen(o)+64);
- Observe that i is used instead of l for memory allocation.
Proposed Fix
Replace the line:
char *query = (char *)malloc(strlen(q)+i+strlen(o)+64);
with:
char *query = (char *)malloc(strlen(q)+l+strlen(o)+64);
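The sizing problem reported above, as an added example that is not part of the original issue or ProxySQL's code: it compares the hand-computed size against the bytes the format actually needs, and shows a measure-then-allocate helper that removes the manual sum. Assumptions: `i` is a column counter and `l` the total length of the column strings (the issue does not say), and the format string `Q`, `NCOLS`, and all function names are hypothetical.

```cpp
#include <cstdarg>
#include <cstdio>
#include <cstdlib>
#include <cstring>

// Constructed, simplified stand-in for the format string `q` in the issue.
static const char *Q =
    "INSERT INTO mysql_servers (hostgroup_id, hostname, port, comment) "
    "VALUES (%s, '%s', %s, '%s')";
static const int NCOLS = 3;  // constructed: columns formatted before the comment

// Size as in the quoted line; `extra` stands for either `i` or `l`.
size_t manual_size(size_t extra, const char *o) { return strlen(Q) + extra + strlen(o) + 64; }

// Bytes the formatted statement really needs, including the terminating NUL.
size_t required_size(const char *const row[], const char *o) {
    return (size_t)snprintf(nullptr, 0, Q, row[0], row[1], row[2], o) + 1;
}

// Assumed meaning of `l`: total bytes across the column values.
size_t sum_lengths(const char *const row[]) {
    size_t l = 0;
    for (int i = 0; i < NCOLS; i++) l += strlen(row[i]);
    return l;
}

// Measure-then-allocate: vsnprintf reports the length, so no hand-kept sum
// can drift from the format string. Returns nullptr on failure; caller frees.
char *format_alloc(const char *fmt, ...) {
    va_list ap, ap2;
    va_start(ap, fmt);
    va_copy(ap2, ap);
    int need = vsnprintf(nullptr, 0, fmt, ap);
    va_end(ap);
    char *buf = nullptr;
    if (need >= 0 && (buf = (char *)malloc((size_t)need + 1)) != nullptr)
        vsnprintf(buf, (size_t)need + 1, fmt, ap2);
    va_end(ap2);
    return buf;
}

int main() {
    const char *row[NCOLS] = {"10", "db01.example", "3306"};  // constructed row
    char *query = format_alloc(Q, row[0], row[1], row[2], "primary");
    if (!query) return 1;
    puts(query); free(query);
}
```

Under these assumptions the fixed `+64` slack hides the counter-based size for short rows, so the shortfall only appears once the column values grow past that slack.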