List:Commits« Previous MessageNext Message »
From:Chad MILLER Date:August 23 2006 7:15pm
Subject:bk commit into 5.0 tree (cmiller:1.2228) BUG#20908
View as plain text  
Below is the list of changes that have just been committed into a local
5.0 repository of cmiller. When cmiller does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2006-08-23 19:14:58+02:00, cmiller@stripped +4 -0
  Bug #20908: Crash if select @@""
  
  Zero-length variables caused failures when using the length to look
  up the name in a hash.  Instead, signal that no zero-length name can
  ever be found and that to encounter one is a syntax error.

  mysql-test/r/variables.result@stripped, 2006-08-23 19:14:53+02:00, cmiller@stripped
+6 -0
    Results for test.

  mysql-test/t/variables.test@stripped, 2006-08-23 19:14:54+02:00, cmiller@stripped
+11 -0
    Insert tests to prove that zero-length variable names do not cause
    faults.

  sql/gen_lex_hash.cc@stripped, 2006-08-23 19:14:54+02:00, cmiller@stripped +9 -2
    If the length is zero, then there is nothing to look-up in the 
    hash.

  sql/sql_lex.cc@stripped, 2006-08-23 19:14:54+02:00, cmiller@stripped +2 -0
    Names of variables must not be empty.  Signal an error of that 
    happens.

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	cmiller
# Host:	maint1.mysql.com
# Root:	/data/localhome/cmiller/bug20908/my50-bug20908

--- 1.66/sql/gen_lex_hash.cc	2006-08-23 19:15:22 +02:00
+++ 1.67/sql/gen_lex_hash.cc	2006-08-23 19:15:22 +02:00
@@ -447,8 +447,9 @@ int main(int argc,char **argv)
    and you are welcome to modify and redistribute it under the GPL license\n\
    \n*/\n\n");
 
-  printf("/* This code is generated by gen_lex_hash.cc that seeks for\
- a perfect\nhash function */\n\n");
+  /* Broken up to indicate that it's not advice to you, gentle reader. */
+  printf("/* Do " "not " "edit " "this " "file!  This is generated by "
+         "gen_lex_hash.cc\nthat seeks for a perfect hash function */\n\n");
   printf("#include \"lex.h\"\n\n");
 
   calc_length();
@@ -468,6 +469,12 @@ static inline SYMBOL *get_hash_symbol(co
 {\n\
   register uchar *hash_map;\n\
   register const char *cur_str= s;\n\
+\n\
+  if (len == 0) {\n\
+    DBUG_PRINT(\"warning\", (\"get_hash_symbol() received a request for a zero-length
symbol, which is probably a mistake.\"));\
+    return(NULL);\n\
+  }\
+\n\
   if (function){\n\
     if (len>sql_functions_max_len) return 0;\n\
     hash_map= sql_functions_map;\n\

--- 1.192/sql/sql_lex.cc	2006-08-23 19:15:22 +02:00
+++ 1.193/sql/sql_lex.cc	2006-08-23 19:15:22 +02:00
@@ -1042,6 +1042,8 @@ int MYSQLlex(void *arg, void *yythd)
       if (c == '.')
 	lex->next_state=MY_LEX_IDENT_SEP;
       length= (uint) (lex->ptr - lex->tok_start)-1;
+      if (length == 0) 
+        return(ABORT_SYM);              // Names must be nonempty.
       if ((tokval= find_keyword(lex,length,0)))
       {
 	yyUnget();				// Put back 'c'

--- 1.87/mysql-test/r/variables.result	2006-08-23 19:15:22 +02:00
+++ 1.88/mysql-test/r/variables.result	2006-08-23 19:15:22 +02:00
@@ -689,6 +689,12 @@ select @@log_queries_not_using_indexes;
 show variables like 'log_queries_not_using_indexes';
 Variable_name	Value
 log_queries_not_using_indexes	OFF
+select @@"";
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near '""' at line 1
+select @@&;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near '&' at line 1
+select @@@;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near '@' at line 1
 End of 5.0 tests
 set global binlog_cache_size         =@my_binlog_cache_size;
 set global connect_timeout           =@my_connect_timeout;

--- 1.62/mysql-test/t/variables.test	2006-08-23 19:15:22 +02:00
+++ 1.63/mysql-test/t/variables.test	2006-08-23 19:15:22 +02:00
@@ -585,6 +585,16 @@ show variables like 'ssl%';
 select @@log_queries_not_using_indexes;
 show variables like 'log_queries_not_using_indexes';
 
+#
+# Bug#20908: Crash if select @@""
+#
+--error ER_PARSE_ERROR
+select @@"";
+--error ER_PARSE_ERROR
+select @@&;
+--error ER_PARSE_ERROR
+select @@@;
+
 --echo End of 5.0 tests
 
 # This is at the very after the versioned tests, since it involves doing
@@ -620,3 +630,4 @@ set global server_id                 =@m
 set global slow_launch_time          =@my_slow_launch_time;
 set global storage_engine            =@my_storage_engine;
 set global thread_cache_size         =@my_thread_cache_size;
+
Thread
bk commit into 5.0 tree (cmiller:1.2228) BUG#20908Chad MILLER23 Aug