From: Date: September 28 2006 12:10am Subject: bk commit into 5.0 tree (cmiller:1.2297) BUG#20778 List-Archive: http://lists.mysql.com/commits/12667 X-Bug: 20778 Message-Id: <20060927221050.C1EAA83077@zippy> Below is the list of changes that have just been committed into a local 5.0 repository of cmiller. When cmiller does a push these changes will be propagated to the main repository and, within 24 hours after the push, to the public repository. For information on how to access the public repository see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html ChangeSet@stripped, 2006-09-27 18:10:41-04:00, cmiller@stripped +3 -0 Bug #20778: strange characters in warning message 1366 when called in SP The function receives an exactly-sized buffer (not a C NUL-terminated string) and passes it into a printf function to be interpreted with "%s". Instead, create an intermediate String object, and copy the data into it, and pass in a pointer to the String's NUL-terminated buffer. mysql-test/r/warnings.result@stripped, 2006-09-27 18:10:39-04:00, cmiller@stripped +56 -0 Test that warnings do not read outside its intended memory space. mysql-test/t/warnings.test@stripped, 2006-09-27 18:10:39-04:00, cmiller@stripped +57 -1 Test that warnings do not read outside its intended memory space. sql/field.cc@stripped, 2006-09-27 18:10:39-04:00, cmiller@stripped +20 -8 Create a new String object and use a pointer to its data instead of the exactly-sized buffer to be interpreted as a C string deep within the errmsg.txt list via printf. # This is a BitKeeper patch. What follows are the unified diffs for the # set of deltas contained in the patch. The rest of the patch, the part # that BitKeeper cares about, is below these diffs. # User: cmiller # Host: zippy.cornsilk.net # Root: /home/cmiller/work/mysql/mysql-5.0-maint --- 1.323/sql/field.cc 2006-09-27 18:10:50 -04:00 +++ 1.324/sql/field.cc 2006-09-27 18:10:50 -04:00 
@@ -2316,11 +2316,16 @@ int Field_new_decimal::store(const char from, length, charset, &decimal_value)) && table->in_use->abort_on_warning) { + /* Because "from" is not NUL-terminated and we use %s in the ER() */ + String from_as_str; + from_as_str.copy(from, length, &my_charset_bin); + push_warning_printf(table->in_use, MYSQL_ERROR::WARN_LEVEL_ERROR, ER_TRUNCATED_WRONG_VALUE_FOR_FIELD, ER(ER_TRUNCATED_WRONG_VALUE_FOR_FIELD), - "decimal", from, field_name, + "decimal", from_as_str.c_ptr(), field_name, (ulong) table->in_use->row_count); + DBUG_RETURN(err); } @@ -2333,13 +2338,20 @@ int Field_new_decimal::store(const char set_value_on_overflow(&decimal_value, decimal_value.sign()); break; case E_DEC_BAD_NUM: + { + /* Because "from" is not NUL-terminated and we use %s in the ER() */ + String from_as_str; + from_as_str.copy(from, length, &my_charset_bin); + push_warning_printf(table->in_use, MYSQL_ERROR::WARN_LEVEL_WARN, ER_TRUNCATED_WRONG_VALUE_FOR_FIELD, ER(ER_TRUNCATED_WRONG_VALUE_FOR_FIELD), - "decimal", from, field_name, + "decimal", from_as_str.c_ptr(), field_name, (ulong) table->in_use->row_count); my_decimal_set_zero(&decimal_value); + break; + } } #ifndef DBUG_OFF --- 1.25/mysql-test/t/warnings.test 2006-09-27 18:10:50 -04:00 +++ 1.26/mysql-test/t/warnings.test 2006-09-27 18:10:50 -04:00 
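Review bot: The return value of `from_as_str.copy(from, length, &my_charset_bin)` is ignored in the abort_on_warning branch, and the same call is ignored again in the E_DEC_BAD_NUM case of the second hunk. If the copy fails to allocate, what `c_ptr()` then hands to the `%s` in ER(ER_TRUNCATED_WRONG_VALUE_FOR_FIELD) depends on String internals that are not visible here, so the warning may still be formatted from something other than a terminated copy of the input. Checking the result and falling back to a fixed string keeps the message bounded, e.g. `const char *from_c= from_as_str.copy(from, length, &my_charset_bin) ? "" : from_as_str.c_ptr();` and then passing `from_c`. Field_new_decimal::store starts and ends outside the hunk.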
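Review bot: The comment `/* Because "from" is not NUL-terminated and we use %s in the ER() */` in the E_DEC_BAD_NUM case is a sentence fragment that never says what goes wrong, so the copy looks redundant to a reader who does not know the bug. I would state the hazard directly: `/* "from" holds exactly "length" bytes with no terminating NUL; the ER() format reads it with %s, so pass a NUL-terminated copy to avoid reading past the buffer. */`. The identical comment in the first hunk should get the same wording. The enclosing switch begins above the hunk.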
@@ -156,4 +156,60 @@ select * from t1 limit 1, 0; select * from t1 limit 0, 0; drop table t1; -# End of 4.1 tests +--echo End of 4.1 tests + +# +# Bug#20778: strange characters in warning message 1366 when called in SP +# + +let $engine_type= innodb; + +CREATE TABLE t1( f1 CHAR(20) ); +CREATE TABLE t2( f1 CHAR(20), f2 CHAR(25) ); +CREATE TABLE t3( f1 CHAR(20), f2 CHAR(25), f3 DATE ); + +INSERT INTO t1 VALUES ( 'a`' ); +INSERT INTO t2 VALUES ( 'a`', 'a`' ); +INSERT INTO t3 VALUES ( 'a`', 'a`', '1000-01-1' ); + +DROP PROCEDURE IF EXISTS sp1; +DROP PROCEDURE IF EXISTS sp2; +DROP PROCEDURE IF EXISTS sp3; +delimiter //; +CREATE PROCEDURE sp1() +BEGIN + DECLARE x NUMERIC ZEROFILL; + SELECT f1 INTO x FROM t1 LIMIT 1; +END// +CREATE PROCEDURE sp2() +BEGIN + DECLARE x NUMERIC ZEROFILL; + SELECT f1 INTO x FROM t2 LIMIT 1; +END// +CREATE PROCEDURE sp3() +BEGIN + DECLARE x NUMERIC ZEROFILL; + SELECT f1 INTO x FROM t3 LIMIT 1; +END// +delimiter ;// +CALL sp1(); +CALL sp2(); +CALL sp3(); + +DROP PROCEDURE IF EXISTS sp1; +delimiter //; +CREATE PROCEDURE sp1() +BEGIN +declare x numeric unsigned zerofill; +SELECT f1 into x from t2 limit 1; +END// +delimiter ;// +CALL sp1(); +DROP TABLE t1; +DROP TABLE t2; +DROP TABLE t3; +DROP PROCEDURE sp1; +DROP PROCEDURE sp2; +DROP PROCEDURE sp3; + +--echo End of 5.0 tests --- 1.38/mysql-test/r/warnings.result 2006-09-27 18:10:50 -04:00 +++ 1.39/mysql-test/r/warnings.result 2006-09-27 18:10:50 -04:00 
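Review bot: Every CALL in the new test reaches only the warning branch (the expected output in warnings.result shows `Warning 1366` each time), so the copy added under `table->in_use->abort_on_warning` in sql/field.cc is not covered. Repeating one call under a strict mode, e.g. `SET sql_mode= 'STRICT_ALL_TABLES';` before `CALL sp1();` with the expected error declared, would cover that branch, assuming strict mode is what sets abort_on_warning on this path. Separately, `let $engine_type= innodb;` is assigned but none of the CREATE TABLE statements in the hunk refers to it, so it can be dropped.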
@@ -243,3 +243,59 @@ a
 select * from t1 limit 0, 0;
 a
 drop table t1;
+End of 4.1 tests
+CREATE TABLE t1( f1 CHAR(20) );
+CREATE TABLE t2( f1 CHAR(20), f2 CHAR(25) );
+CREATE TABLE t3( f1 CHAR(20), f2 CHAR(25), f3 DATE );
+INSERT INTO t1 VALUES ( 'a`' );
+INSERT INTO t2 VALUES ( 'a`', 'a`' );
+INSERT INTO t3 VALUES ( 'a`', 'a`', '1000-01-1' );
+DROP PROCEDURE IF EXISTS sp1;
+Warnings:
+Note 1305 PROCEDURE sp1 does not exist
+DROP PROCEDURE IF EXISTS sp2;
+Warnings:
+Note 1305 PROCEDURE sp2 does not exist
+DROP PROCEDURE IF EXISTS sp3;
+Warnings:
+Note 1305 PROCEDURE sp3 does not exist
+CREATE PROCEDURE sp1()
+BEGIN
+DECLARE x NUMERIC ZEROFILL;
+SELECT f1 INTO x FROM t1 LIMIT 1;
+END//
+CREATE PROCEDURE sp2()
+BEGIN
+DECLARE x NUMERIC ZEROFILL;
+SELECT f1 INTO x FROM t2 LIMIT 1;
+END//
+CREATE PROCEDURE sp3()
+BEGIN
+DECLARE x NUMERIC ZEROFILL;
+SELECT f1 INTO x FROM t3 LIMIT 1;
+END//
+CALL sp1();
+Warnings:
+Warning 1366 Incorrect decimal value: 'a`' for column 'x' at row 1
+CALL sp2();
+Warnings:
+Warning 1366 Incorrect decimal value: 'a`' for column 'x' at row 1
+CALL sp3();
+Warnings:
+Warning 1366 Incorrect decimal value: 'a`' for column 'x' at row 1
+DROP PROCEDURE IF EXISTS sp1;
+CREATE PROCEDURE sp1()
+BEGIN
+declare x numeric unsigned zerofill;
+SELECT f1 into x from t2 limit 1;
+END//
+CALL sp1();
+Warnings:
+Warning 1366 Incorrect decimal value: 'a`' for column 'x' at row 1
+DROP TABLE t1;
+DROP TABLE t2;
+DROP TABLE t3;
+DROP PROCEDURE sp1;
+DROP PROCEDURE sp2;
+DROP PROCEDURE sp3;
+End of 5.0 tests