From: Sergey Vojtovich
Date: February 17 2011 12:37pm
Subject: bzr commit into mysql-5.5 branch (sergey.vojtovich:3328) Bug#11766720
List-Archive: http://lists.mysql.com/commits/131543
X-Bug: 11766720
Message-Id: <201102171239.p1HCdOIi010395@rcsinet13.oracle.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============3699891454250709928=="

--===============3699891454250709928==
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

#At file:///home/svoj/mysql/server/mysql-5.5-bug59895/ based on revid:dmitry.lenev@stripped

 3328 Sergey Vojtovich	2011-02-17
      BUG#11766720 - setting storage engine to null segfaults mysqld
      
      MONTHNAME(0) claims that it is about to return NOT NULL
      value, whereas it actually returns NULL.
      
      As a result storage_engine variable (which cannot be NULL)
      protection was bypassed and NULL value was accepted, causing
      server crash.
      
      Fixed MONTHNAME(0) to report valid NULL flag.
     @ mysql-test/r/func_time.result
        A test case for BUG#11766720.
     @ mysql-test/t/func_time.test
        A test case for BUG#11766720.
     @ sql/item_timefunc.cc
        MONTHNAME(0) must report NULL, as opposed to base class
        MONTH(0) which is NOT NULL.
        
        For this purpose Item_func_monthname must implement
        it's own val_int() method, which is later used by
        Item_func::is_null().
     @ sql/item_timefunc.h
        MONTHNAME(0) must report NULL, as opposed to base class
        MONTH(0) which is NOT NULL.
        
        For this purpose Item_func_monthname must implement
        it's own val_int() method, which is later used by
        Item_func::is_null().

    modified:
      mysql-test/r/func_time.result
      mysql-test/t/func_time.test
      sql/item_timefunc.cc
      sql/item_timefunc.h
=== modified file 'mysql-test/r/func_time.result'
--- a/mysql-test/r/func_time.result	2011-02-02 18:16:06 +0000
+++ b/mysql-test/r/func_time.result	2011-02-17 12:37:31 +0000
@@ -1368,3 +1368,9 @@ SELECT SUBDATE(STR_TO_DATE(NULL,0), INTE
 SUBDATE(STR_TO_DATE(NULL,0), INTERVAL 1 HOUR)
 NULL
 #
+# BUG#59895 - setting storage engine to null segfaults mysqld
+#
+SELECT MONTHNAME(0), MONTHNAME(0) IS NULL;
+MONTHNAME(0)	MONTHNAME(0) IS NULL
+NULL	1
+#

=== modified file 'mysql-test/t/func_time.test'
--- a/mysql-test/t/func_time.test	2011-02-02 18:16:06 +0000
+++ b/mysql-test/t/func_time.test	2011-02-17 12:37:31 +0000
@@ -881,4 +881,9 @@ SELECT WEEK(STR_TO_DATE(NULL,0));
 SELECT SUBDATE(STR_TO_DATE(NULL,0), INTERVAL 1 HOUR);
 
 --echo #
+--echo # BUG#59895 - setting storage engine to null segfaults mysqld
+--echo #
+SELECT MONTHNAME(0), MONTHNAME(0) IS NULL;
+
+--echo #
 

=== modified file 'sql/item_timefunc.cc'
--- a/sql/item_timefunc.cc	2011-02-10 08:18:08 +0000
+++ b/sql/item_timefunc.cc	2011-02-17 12:37:31 +0000
@@ -1129,6 +1129,15 @@ void Item_func_monthname::fix_length_and
 }
 
 
+longlong Item_func_monthname::val_int()
+{
+  longlong month= Item_func_month::val_int();
+  if (!month)
+    null_value= 1;
+  return month;
+}
+
+
 String* Item_func_monthname::val_str(String* str)
 {
   DBUG_ASSERT(fixed == 1);
@@ -1136,12 +1145,8 @@ String* Item_func_monthname::val_str(Str
   uint month= (uint) val_int();
   uint err;
 
-  if (null_value || !month)
-  {
-    null_value=1;
+  if (null_value)
     return (String*) 0;
-  }
-  null_value=0;
   month_name= locale->month_names->type_names[month-1];
   str->copy(month_name, (uint) strlen(month_name), &my_charset_utf8_bin,
 	    collation.collation, &err);

=== modified file 'sql/item_timefunc.h'
--- a/sql/item_timefunc.h	2011-02-10 08:18:08 +0000
+++ b/sql/item_timefunc.h	2011-02-17 12:37:31 +0000
@@ -169,6 +169,7 @@ class Item_func_monthname :public Item_f
 public:
   Item_func_monthname(Item *a) :Item_func_month(a) {}
   const char *func_name() const { return "monthname"; }
+  longlong val_int();
   String *val_str(String *str);
   enum Item_result result_type () const { return STRING_RESULT; }
   void fix_length_and_dec();


--===============3699891454250709928==
MIME-Version: 1.0
Content-Type: text/bzr-bundle; charset="us-ascii";
	name="bzr/sergey.vojtovich@stripped"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: sergey.vojtovich@stripped\
#   xqqgi4thbz2sp226
# target_branch: file:///home/svoj/mysql/server/mysql-5.5-bug59895/
# testament_sha1: 9e6b42c88b2c3b9154dab39316948e2ad792acb6
# timestamp: 2011-02-17 15:37:36 +0300
# base_revision_id: dmitry.lenev@stripped\
#   ssyuf0i2fhrb595k
# 
# Begin bundle
IyBCYXphYXIgcmV2aXNpb24gYnVuZGxlIHY0CiMKQlpoOTFBWSZTWQ0yYJkABEZfgEAweOf//3vn
jwC////6YAku+ifSqUCgzFmqVUAoCaNQVPSnpG0EaGBMg0aMmRoZAMgGhgcwBGCYgGATBNGQ0MAm
CMTHMARgmIBgEwTRkNDAJgjEwkhCGkNTU8p5Q/Uj0m9UAG9SGgNABoAioQExMgSfpDBGFNopkDQ0
0AGJoJJNJo0mEwmRpNNNBCaJjaKMaj1BhB6g5CPIEMqbTRAzes1gYyIAUBF72Rc/4zjwKVuoBgla
THjII6285DvdDr+n6Kxt1jitYFYcqjLRPLXlTXHUUt4p/LVF/NUi4r6WN0uxOwfQHBmYGGTN+3+E
dTKivSBBhtzOzJvNZulKB5smY3xydRib1XrHZ8ZydJs4HTEizaTkTO7ClS0xIglhBPTUwZLgx97+
BaX1HYvdiRUw4qkE1xhgnDVAOXEvq1dNEfhZrQregmBW83lyupiXk3xkRypGPx6c+sPfq/tsH8up
VDwkD+Xuz7AUMIPb0GG/RFpBl0GPzA+YxFW8cLuWlAMMkwYkjCmBU5WordDcP+KF7nevB8xomNkc
sw5SzzF5uZqw2XbqC4TYk+hAwkZIuBHaCO8uURDIXEJY3jZUSDMI9/WaA5Mzfaxj3AtE8gKRZDQV
RGIzKERjIYKEiC1fEjmLSJQQqqJFRWlMUk+Y5cOe4pKqe47lefFkW2wGshTFi6gHL0ylo/jSoVyH
W58TbGwsoUKV9jRTQUNA5QW6GQ9MuFNdoxJvAfQTfMZgY/3dwMleK8sqg1thIEz1qPykQkfh4bco
pjmLziVlmIPwiZBwHOTg8iz/tNmeuE0XKg6jQYXklC9uB0xHS6og3UmhmblXhLpz1Qsd/McVthuK
OJyjQB/zZan1BVqo5VND/uMF3rdmJisEwxRRIpJzpkqMsmxMaz4rtqpqCK6rAVO4u7wpRSU2vyO8
9yqxxzK7mFUNcOWkHW8YgWaFTcaDgNMmc3XeGqNOSiUhHVYGJHzKVaWK4FyWKv2njYMYccShsVOW
rH/jI3Fq8lx8KxXnSJQMamxYLfYvM6VFHdxXQ+Hir7DLqXD1rVVfFfRtrNzOyrLNvfZKZLGsiGL6
qiNFBWPhB7dj1nbKmtU9IzIbjaBRxhzZGmJPlQbsjxXonVhYWvv3ChuEmegd11IgtxVfIJzvDeV3
W6zeQqOY5jAPJbFF+N5wLxqxOOYEXUIEgpNaiJTAsJQyyVCuMio322Ng1zNoUlw+zk7LnFaTRvfe
eEyYnitrSoWW8Y4yV5GI5g0GclGJMcuzHGmUb7QxM+MylxogvtH0ptgTo49+I8IZEpxYwqA9snhD
yacnuSh2tObmLn0Zo7GEdyhAzDMGYYoMfoHn5VrRynxEuMhBgkCVwfa/ESfA95S/NPgDUyIBOjUT
o/ASd91BGwi/kJB+YM0Qbgcr82Yp+RSzg+SQRqzaRgGPaEQ6JBeQe0mhjFCBFgihbxlBHgOhVK+U
yMvFBzsGeg9/OCLomV+3fJSQwEPRGw1f84BqlrTZ6nH13pFXqfEwqHKSd5Vz2Zxwhmtqeli/L5G/
uKV6lynIj3LrlH1PyOBE30yoLgyMNnCd9QPueaf3BavCDvE13n4aSDDaajjv0KSsaBErAN4VeK1D
Ubh8rJXnnd3DYF4/oK9hczbHBiCZQS6W5onPFjTVEcsNZpDHGfUUGcmiYnK2qE8UG4/piYlBHifo
vRGBVmq3stwOLH5pwgewuDZRQhxDBSfPPQmehCCpPOTPwPM2MhkKreoRDwngeECOS8CC7Djzz+Ju
JzNzbeuLngSmM7XZDjej3WasxkIrTnLiUs2H+oWgHBHsX13GiejAcSDolUcnujo7/fpF5Q8bkpEh
C0YkzF8XsUEvFZFKDASqmcwVq8PIaZmamY54xKDyPAeTIuelKSuTUc35B08ggG5L3EiEjMJuHz9b
8IxY0rh08zXIDbACwiLY9GJO+wGtefBxNbWX8mh7Tm7dow68YMucgvZ4swswkUdFH1c24ik6UsC3
mZnS7kJzQZzRI82ZXe4llKQRjjjhuRhk3nJMECQpI2drHct4Z6+2p2than7eOyumpbG1NJQaVkUn
jlfGMWO0P+sDs03PtOhO7PMXgZH2MDniu5mDkRN7k9HBMFuCZZbJP18EmPDB7St77PRJwSAOowch
sYHNNsGPFlaTDaZYtAdr41bCR6DZAGqqN4j7CCICImaIXDXLRd2jeW9T5bMhButS0vPQjV/LUGhm
aWTyJVH1FwHraA1iNxSsCAT6mLEgwiEGuTNwiWl7a1EyQSpYNbKI5HA68J3nqwdi5ni3Oso4nm1F
Zm5v04o9j0RMAJ+I3LQ1GoynkfQE0qYkz5BJ1MQ76+zlx6M52FYuUw1gsfCAQHxgEyWWGJIzN95A
30k5V65qbDi2vIzGF4MXuducHvdGc+8Gtzmgw5xInKB6Qdxi5ShV7uEmitT1B5pB7u6KUJKZKFt6
citDmfAaiWY5zVKmzexQKU3NbHMs+kLkxSoH1HNpqBQ/2zRfbSTCN45iuZ+KGDT4NvmroDa24K60
nDgu/sM2BzUGprnd3d3d+0CvNk4yLTJDRUC4GEXhJKAmrWS5FXUx4UBCMD37pQegpQ6dZvg52nEH
8QGOyhZtXR/UVgiZrkdg4FRBwIWyBk/uBMQWh/IouzzBGpasqK1zKWO4WfeyDO4Nshle0QcS3ZUH
Tvee92tq+/AWigIXRO9i6HAfMNNxQsE6xTAy1qTMcfFo3uOrq+WQXIvB3I731lNbqdDcWOhj7YBc
XPgX3WspjfMDFDU95G+qARRh1Zqm9TBkDOwcXXaljZJsi9nN1n/i7kinChIBpkwTIA==


--===============3699891454250709928==--