Headline
CVE-2023-36367: MonetDB server 11.46.0 crashes at `BLOBcmp` · Issue #7380 · MonetDB/MonetDB
An issue in the BLOBcmp component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
Describe the bug
MonetDB server 11.46.0 crashes at BLOBcmp after executing SQL statements through mclient.
CREATE TABLE a (p_id INT, p_name BLOB); INSERT INTO a VALUES (1,NULL); TRACE select * from a where p_name=’Lilu’;
Expected behavior
Executing statements successfully or throwing errors, instead of breaking down the whole MonetDB server.
#0 0x7f2b15259d39 (BLOBcmp+0x19)
#1 0x7f2b14b2a171 (prepareMalEvent+0x541)
#2 0x7f2b14b2b10f (sqlProfilerEvent+0x6f)
#3 0x7f2b14b152ec (runtimeProfileExit+0x11c)
#4 0x7f2b14b1ab01 (runMALsequence+0x1601)
#5 0x7f2b14b1d5d4 (DFLOWworker+0x2c4)
#6 0x7f2b15254ba0 (THRstarter+0x100)
#7 0x7f2b152c4cc4 (thread_starter+0x34)
#8 0x7f2b14639609 (start_thread+0xd9)
#9 0x7f2b1455e133 (clone+0x43)
Additional context
The MonetDB here runs in-memory database. The command line of starting MonetDB server is mserver5 --in-memory.