Sqlyog Buffer Overrun

[smine]

SQLyog Ultimate 8.3; Windows XP Pro SP3 3GB RAM; MySQL 5.0.45 on Redhat.

i received the attached buffer overrun message today and SQLyog crashed. it was executing a DROP TABLE command with a list of concatenated tables. even though SQLyog crashed, all the tables were dropped.

i cannot show you the exact command because i used information_schema to group_concat a list of tables to drop, and since all the tables were dropped, i cannot recreate the exact list of tables.

i know the length of the command was more than 1024 and less than 4096 because i had to use 'set session group_concat_max_len = 4096;' because default 1024 was too short.

[peterlaursen]

I think first of all you should reboot the system.  It could equally well be a Windows issue as a SQLyog issue. 

Should you be able to reproduce more details would be very much appreciated. In this case we do not and cannot save a dump for debugging.  But we will of course discuss what options we have.  There is reasonable information to work with.

[nithin]

Quote:

even though SQLyog crashed, all the tables were dropped.

Can you verify whether crash dump created or not?, please attach the dump if created so we can analyze the issue whether its due to the SQLyog code or not.

[smine]

sorry, i think there is no dump. the only dump file i see is “SQLyog_Dump_000.dmp 0KB 4/15/2010 6:52 AM” which i believe is when i restarted SQLyog on Friday morning (it was a regular restart, not caused by the crash i reported).

i might be able to recreate the problem, i will try.

[peterlaursen]

Please provide a template for the query omitting specific identifier names.

DROP table_1, table_2, … , table_n LIKE croup_concat(SELECT .. FROM I_S …) 

or whatever … 

[peterlaursen]

I do not think the query matters.

This is related to autocomplete.  A string containing one or more instances of the '_' (underscore) or '' (backslash) characters may accidentally become longer than the buffer allocated.  We will escape ('_' and '\') those characters internally and did not consider the increase of length due to this. When AC tried to lookup the match with the string this overrun occurred.   

It requires a pretty long continuous string with no comma, (all kinds of) quotes or spaces and one or more occurrances of '_' or ''. Autocomplete and sending the query run in different threads so SQLyog may have had enough time to send the query before this happened.  Or you simply moved the cursor to such long word after executing.

We are fixing this now.

[smine]

'peterlaursen' wrote on '18:

Please provide a template for the query omitting specific identifier names.

DROP table_1, table_2, … , table_n LIKE croup_concat(SELECT .. FROM I_S …)

or whatever …

you may no longer need this info, but i was able to replicate the error. here is the string i just used. when i ran this (by hitting F9 with the cursor neaer the beginning of the string), SQLyog immediately closed, there was no error message and no dump. the string contains 2471 chars. (i attached it as a file because it is too long to see in this forum.)

[Khushboo]

Hello,

We have released SQLyog 8.4 RC with this fix.

“Very long strings containing the ‘_’ or the ‘’ character could cause a buffer overrun when looking up a match in the auto-complete database. Windows would then terminate SQLyog.”

Refer to:

http://www.webyog.com/blog/2010/04/20/sqlyog-mysql-gui-8-4-rc-has-been-released/

Please evaluate and let us know the status.

Thanks & Regards,

Khushboo

[smine]

'Khushboo' wrote on '20:

We have released SQLyog 8.4 RC with this fix.

“Very long strings containing the '_' or the '' character could cause a buffer overrun when looking up a match in the auto-complete database. Windows would then terminate SQLyog.”

Please evaluate and let us know the status.

sorry, but i am still seeing the same behavior. i am trying to drop 76 tables using the command in the attached file (2367 chars). when i press F9 to execute the command, SQLyog closes (no crash, no messages, no dump). the tables are successfully deleted.

[Mahesh]

Can you please attach a structure only dump of all tables along with problematic query(If differs from previous).You can use “Backup database as SQLdump”.

We have created an account for you to send files here, https://www.yousendit.com/login.php

Please login with the below details,

Email : [email protected]

Password : tester

and send file(zipped) to email address “[email protected]” mentioning subject as “SQLyog Buffer Overrun”.

We will check this behavior at our end and get back to you.

[Khushboo]

Quote:

sorry, but i am still seeing the same behavior.

Additionally please provide these information:

1. Are you getting the same error dialog as previous or SQLyog is closing without prompting any error dialog?

2. Also, uncheck Auto complete option (Preferences -> Powertools -> Enable Autocomplete), and then try the same case?

3. What is the Operating System?

[smine]

'Mahesh' wrote on '26:

Can you please attach a structure only dump of all tables along with problematic query(If differs from previous).You can use “Backup database as SQLdump”. …

i sent SQLyog Buffer Overrun.zip file that contains the tables structure dump and the DROP TABLE command that fails. please see a few more details in my next reply.

[smine]

'Khushboo' wrote on '26:

Additionally please provide these information:

1. Are you getting the same error dialog as previous or SQLyog is closing without prompting any error dialog?

2. Also, uncheck Auto complete option (Preferences -> Powertools -> Enable Autocomplete), and then try the same case?

3. What is the Operating System?

[*]with the command i am using now, SQLyog closes with no prompting or error dialog. (the command i am using now is longer than the command i used when i got the runtime error dialog)[*]i unchecked Autocomplete and there was no failure! i checked Autocomplete and there was failure! please note that i build the command outside of the SQL yog editor, then paste it into the SQLyog edit window, then move the cursor into the command, then press F9[*]Windows XP Pro Version 2002 Service Pack 3 running on Dell Optiplex 755 with Intel Core2 Quad CPU Q6600 @ 2.40GHz with 2.98 GB of RAM and Physical Address Extension

[Mahesh]

Issue Confirmed

We will analyze this and get back to you soon.

Thanks for your Co-Operation.

[nithin]

Hello,

Thanks for the test case.

I am giving a special build with this issue got fixed. Please verify with your environment and let us know the status.

Please find the special build here.

Regards

Nithin

[smine]

looks good! thanks for the quick fix.

[smine]

(please ignore)

[Author]

Posts