From f7955a50e6a7c163d45fc3bbe40884dc2d4b628e Mon Sep 17 00:00:00 2001 From: ChillerDragon Date: Wed, 9 Oct 2024 09:46:34 +0900 Subject: [PATCH] Fix empty vector element access in mysql prepare If the sql statement does not contain placeholders ``NumParameters`` can be empty. In that case accessing the first element will cause an asan error: ``` runtime error: reference binding to null pointer of type 'st_mysql_bind' ``` --- src/engine/server/databases/mysql.cpp | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/engine/server/databases/mysql.cpp b/src/engine/server/databases/mysql.cpp index 2479733f0..0943c0abc 100644 --- a/src/engine/server/databases/mysql.cpp +++ b/src/engine/server/databases/mysql.cpp @@ -331,8 +331,11 @@ bool CMysqlConnection::PrepareStatement(const char *pStmt, char *pError, int Err unsigned NumParameters = mysql_stmt_param_count(m_pStmt.get()); m_vStmtParameters.resize(NumParameters); m_vStmtParameterExtras.resize(NumParameters); - mem_zero(&m_vStmtParameters[0], sizeof(m_vStmtParameters[0]) * m_vStmtParameters.size()); - mem_zero(&m_vStmtParameterExtras[0], sizeof(m_vStmtParameterExtras[0]) * m_vStmtParameterExtras.size()); + if(NumParameters) + { + mem_zero(&m_vStmtParameters[0], sizeof(m_vStmtParameters[0]) * m_vStmtParameters.size()); + mem_zero(&m_vStmtParameterExtras[0], sizeof(m_vStmtParameterExtras[0]) * m_vStmtParameterExtras.size()); + } return false; }