Hi Tor,
Patch looks correct and I have verified that there are no crash or
valgrind errors after applying it. OK to push.
Olav
On 10/ 7/10 10:14 AM, Tor Didriksen wrote:
> #At file:///export/home/didrik/repo/5.5-bugteam-bug57209/ based on
> revid:alexander.nozdrin@stripped
>
> 3096 Tor Didriksen 2010-10-07
> Bug#57209 valgrind + Assertion failed: dst> buf
>
> Buffer overrun when trying to format DBL_MAX
> @ mysql-test/r/func_math.result
> Add test case for Bug#57209
> @ mysql-test/t/func_math.test
> Add test case for Bug#57209
> @ sql/item_strfunc.cc
> Allocate a larger buffer for the result.
>
> modified:
> mysql-test/r/func_math.result
> mysql-test/t/func_math.test
> sql/item_strfunc.cc
> === modified file 'mysql-test/r/func_math.result'
> --- a/mysql-test/r/func_math.result 2010-04-11 06:52:42 +0000
> +++ b/mysql-test/r/func_math.result 2010-10-07 08:14:27 +0000
> @@ -600,3 +600,14 @@ NULL
> SELECT -9223372036854775808 MOD -1;
> -9223372036854775808 MOD -1
> 0
> +#
> +# Bug #57209 valgrind + Assertion failed: dst> buf
> +#
> +select floor(log10(format(concat_ws(5445796E25, 5306463, 30837),
> +period_diff(0.2286, 2989582))
> +)
> +)
> +as foo
> +;
> +foo
> +2
>
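Review bot: The expected output recorded for the new query is only `2`, the result of `floor(log10(...))`, so the string produced by `format()` is never compared. A change that corrupts the formatted string without crashing would still pass. Consider adding a second statement that selects the `format(...)` value directly (or its `length()`), so the .result file pins down the output of the code path being fixed.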
> === modified file 'mysql-test/t/func_math.test'
> --- a/mysql-test/t/func_math.test 2010-03-18 10:38:29 +0000
> +++ b/mysql-test/t/func_math.test 2010-10-07 08:14:27 +0000
> @@ -458,3 +458,13 @@ SELECT 2 DIV -2;
> SELECT -(1 DIV 0);
> # Crashed the server with SIGFPE before the bugfix
> SELECT -9223372036854775808 MOD -1;
> +
> +--echo #
> +--echo # Bug #57209 valgrind + Assertion failed: dst> buf
> +--echo #
> +select floor(log10(format(concat_ws(5445796E25, 5306463, 30837),
> + period_diff(0.2286, 2989582))
> + )
> + )
> + as foo
> +;
>
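Review bot: The added `select` has no comment saying which part of the expression makes `format()` overrun its buffer, and the commit message speaks of formatting DBL_MAX while no such value is visible in the query. A short `#` comment above the statement stating what value and how many decimals reach `format()` would make the test maintainable. The fixed code also depends on `lc->grouping`, yet the test runs with a single locale only; a case with a different grouping would cover the buffer-size calculation more fully.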
> === modified file 'sql/item_strfunc.cc'
> --- a/sql/item_strfunc.cc 2010-08-20 11:14:11 +0000
> +++ b/sql/item_strfunc.cc 2010-10-07 08:14:27 +0000
> @@ -2299,7 +2299,8 @@ String *Item_func_format::val_str_ascii(
> if (lc->grouping[0]> 0&&
> str_length>= dec_length + 1 + lc->grouping[0])
> {
> - char buf[DECIMAL_MAX_STR_LENGTH * 2]; /* 2 - in the worst case when grouping=1
> */
> + /* We need space for ',' between each triplet of digits as well. */
> + char buf[FLOATING_POINT_BUFFER + FLOATING_POINT_BUFFER/3];
> int count;
> const char *grouping= lc->grouping;
> char sign_length= *str->ptr() == '-' ? 1 : 0;
>
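Review bot: The new size of `buf` assumes one separator per triplet of digits, but the guard just above is `lc->grouping[0]> 0`, and the comment being removed sized the buffer for "the worst case when grouping=1". With a grouping of 1 or 2, a string close to FLOATING_POINT_BUFFER characters needs more than FLOATING_POINT_BUFFER/3 separators, so the overrun could reappear for such a locale. Either keep the factor of two on the new constant (`char buf[2 * FLOATING_POINT_BUFFER];`) or say in the comment why a grouping below 3 cannot occur, and consider asserting that `str_length` plus the separators fits in `buf` before it is filled.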