#At file:///home/svoj/mysql/server/mysql-5.5-bug59895/ based on revid:dmitry.lenev@stripped
3328 Sergey Vojtovich 2011-02-17
BUG#11766720 - setting storage engine to null segfaults mysqld
MONTHNAME(0) claims that it is about to return NOT NULL
value, whereas it actually returns NULL.
As a result storage_engine variable (which cannot be NULL)
protection was bypassed and NULL value was accepted, causing
server crash.
Fixed MONTHNAME(0) to report valid NULL flag.
@ mysql-test/r/func_time.result
A test case for BUG#11766720.
@ mysql-test/t/func_time.test
A test case for BUG#11766720.
@ sql/item_timefunc.cc
MONTHNAME(0) must report NULL, as opposed to base class
MONTH(0) which is NOT NULL.
For this purpose Item_func_monthname must implement
it's own val_int() method, which is later used by
Item_func::is_null().
@ sql/item_timefunc.h
MONTHNAME(0) must report NULL, as opposed to base class
MONTH(0) which is NOT NULL.
For this purpose Item_func_monthname must implement
it's own val_int() method, which is later used by
Item_func::is_null().
modified:
mysql-test/r/func_time.result
mysql-test/t/func_time.test
sql/item_timefunc.cc
sql/item_timefunc.h
=== modified file 'mysql-test/r/func_time.result'
--- a/mysql-test/r/func_time.result 2011-02-02 18:16:06 +0000
+++ b/mysql-test/r/func_time.result 2011-02-17 12:37:31 +0000
@@ -1368,3 +1368,9 @@ SELECT SUBDATE(STR_TO_DATE(NULL,0), INTE
SUBDATE(STR_TO_DATE(NULL,0), INTERVAL 1 HOUR)
NULL
#
+# BUG#59895 - setting storage engine to null segfaults mysqld
+#
+SELECT MONTHNAME(0), MONTHNAME(0) IS NULL;
+MONTHNAME(0) MONTHNAME(0) IS NULL
+NULL 1
+#
=== modified file 'mysql-test/t/func_time.test'
--- a/mysql-test/t/func_time.test 2011-02-02 18:16:06 +0000
+++ b/mysql-test/t/func_time.test 2011-02-17 12:37:31 +0000
@@ -881,4 +881,9 @@ SELECT WEEK(STR_TO_DATE(NULL,0));
SELECT SUBDATE(STR_TO_DATE(NULL,0), INTERVAL 1 HOUR);
--echo #
+--echo # BUG#59895 - setting storage engine to null segfaults mysqld
+--echo #
+SELECT MONTHNAME(0), MONTHNAME(0) IS NULL;
+
+--echo #
=== modified file 'sql/item_timefunc.cc'
--- a/sql/item_timefunc.cc 2011-02-10 08:18:08 +0000
+++ b/sql/item_timefunc.cc 2011-02-17 12:37:31 +0000
@@ -1129,6 +1129,15 @@ void Item_func_monthname::fix_length_and
}
+longlong Item_func_monthname::val_int()
+{
+ longlong month= Item_func_month::val_int();
+ if (!month)
+ null_value= 1;
+ return month;
+}
+
+
String* Item_func_monthname::val_str(String* str)
{
DBUG_ASSERT(fixed == 1);
@@ -1136,12 +1145,8 @@ String* Item_func_monthname::val_str(Str
uint month= (uint) val_int();
uint err;
- if (null_value || !month)
- {
- null_value=1;
+ if (null_value)
return (String*) 0;
- }
- null_value=0;
month_name= locale->month_names->type_names[month-1];
str->copy(month_name, (uint) strlen(month_name), &my_charset_utf8_bin,
collation.collation, &err);
=== modified file 'sql/item_timefunc.h'
--- a/sql/item_timefunc.h 2011-02-10 08:18:08 +0000
+++ b/sql/item_timefunc.h 2011-02-17 12:37:31 +0000
@@ -169,6 +169,7 @@ class Item_func_monthname :public Item_f
public:
Item_func_monthname(Item *a) :Item_func_month(a) {}
const char *func_name() const { return "monthname"; }
+ longlong val_int();
String *val_str(String *str);
enum Item_result result_type () const { return STRING_RESULT; }
void fix_length_and_dec();
Attachment: [text/bzr-bundle] bzr/sergey.vojtovich@oracle.com-20110217123731-xqqgi4thbz2sp226.bundle
| Thread |
|---|
| • bzr commit into mysql-5.5 branch (sergey.vojtovich:3328) Bug#11766720 | Sergey Vojtovich | 17 Feb |
