From:Sergey Vojtovich Date:February 18 2011 7:45am
Subject:bzr commit into mysql-5.5 branch (sergey.vojtovich:3328) Bug#11766720
#At file:///home/svoj/mysql/server/mysql-5.5-bug59895/ based on revid:dmitry.lenev@stripped

 3328 Sergey Vojtovich	2011-02-18
      BUG#11766720 - setting storage engine to null segfaults mysqld
      
      MONTHNAME(0) claims that it is about to return NOT NULL
      value, whereas it actually returns NULL.
      
      As a result, the NOT NULL protection of the storage_engine
      variable was bypassed and a NULL value was accepted, causing
      a server crash.
      
      Fixed MONTHNAME(0) to report valid NULL flag.
     @ mysql-test/r/func_time.result
        A test case for BUG#11766720.
     @ mysql-test/t/func_time.test
        A test case for BUG#11766720.
     @ sql/item_timefunc.cc
        MONTHNAME(0) must report NULL, as opposed to base class
        MONTH(0) which is NOT NULL.
        
        Fixed Item_func_monthname to inherit from Item_str_func
        instead of Item_func_month.
     @ sql/item_timefunc.h
        MONTHNAME(0) must report NULL, as opposed to base class
        MONTH(0) which is NOT NULL.
        
        Fixed Item_func_monthname to inherit from Item_str_func
        instead of Item_func_month.

    modified:
      mysql-test/r/func_time.result
      mysql-test/t/func_time.test
      sql/item_timefunc.cc
      sql/item_timefunc.h
=== modified file 'mysql-test/r/func_time.result'
--- a/mysql-test/r/func_time.result	2011-02-02 18:16:06 +0000
+++ b/mysql-test/r/func_time.result	2011-02-18 07:45:14 +0000
@@ -136,7 +136,7 @@ dayname("1962-03-03")	dayname("1962-03-0
 Saturday	5
 select monthname("1972-03-04"),monthname("1972-03-04")+0;
 monthname("1972-03-04")	monthname("1972-03-04")+0
-March	3
+March	0
 select time_format(19980131000000,'%H|%I|%k|%l|%i|%p|%r|%S|%T');
 time_format(19980131000000,'%H|%I|%k|%l|%i|%p|%r|%S|%T')
 00|12|0|12|00|AM|12:00:00 AM|00|00:00:00
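Review bot: The expected value of `monthname("1972-03-04")+0` changes from 3 to 0 in this hunk, a user-visible behaviour change that the commit message does not mention. It presumably follows from Item_func_monthname no longer inheriting its numeric value from Item_func_month in sql/item_timefunc.h, so the string "March" is now converted to a number like any other string. Queries that relied on the old numeric result will silently get 0. That should be stated in the commit comment and above the class, for example `/* Derived from Item_str_func so that the NULL flag is reported correctly; in numeric context the month name is converted like any other string. */`.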
@@ -1368,3 +1368,9 @@ SELECT SUBDATE(STR_TO_DATE(NULL,0), INTE
 SUBDATE(STR_TO_DATE(NULL,0), INTERVAL 1 HOUR)
 NULL
 #
+# BUG#59895 - setting storage engine to null segfaults mysqld
+#
+SELECT MONTHNAME(0), MONTHNAME(0) IS NULL, MONTHNAME(0) + 1;
+MONTHNAME(0)	MONTHNAME(0) IS NULL	MONTHNAME(0) + 1
+NULL	1	NULL
+#
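Review bot: The new case checks MONTHNAME(0) only through SELECT, so the path named in the bug title, assigning the value to storage_engine, is not exercised by the regression test. A later change to the NOT NULL check on system variables could reintroduce the crash without this test failing. Consider adding to mysql-test/t/func_time.test a statement such as `SET storage_engine=MONTHNAME(0);`, preceded by an `--error` line naming the error the server is expected to return, and re-recording this result file.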

=== modified file 'mysql-test/t/func_time.test'
--- a/mysql-test/t/func_time.test	2011-02-02 18:16:06 +0000
+++ b/mysql-test/t/func_time.test	2011-02-18 07:45:14 +0000
@@ -881,4 +881,9 @@ SELECT WEEK(STR_TO_DATE(NULL,0));
 SELECT SUBDATE(STR_TO_DATE(NULL,0), INTERVAL 1 HOUR);
 
 --echo #
+--echo # BUG#59895 - setting storage engine to null segfaults mysqld
+--echo #
+SELECT MONTHNAME(0), MONTHNAME(0) IS NULL, MONTHNAME(0) + 1;
+
+--echo #
 

=== modified file 'sql/item_timefunc.cc'
--- a/sql/item_timefunc.cc	2011-02-10 08:18:08 +0000
+++ b/sql/item_timefunc.cc	2011-02-18 07:45:14 +0000
@@ -1133,16 +1133,18 @@ String* Item_func_monthname::val_str(Str
 {
   DBUG_ASSERT(fixed == 1);
   const char *month_name;
-  uint month= (uint) val_int();
   uint err;
+  MYSQL_TIME ltime;
 
-  if (null_value || !month)
-  {
-    null_value=1;
+  (void) get_arg0_date(&ltime, TIME_FUZZY_DATE);
+
+  if (!ltime.month)
+    null_value= 1;
+
+  if (null_value)
     return (String*) 0;
-  }
-  null_value=0;
-  month_name= locale->month_names->type_names[month-1];
+
+  month_name= locale->month_names->type_names[ltime.month - 1];
   str->copy(month_name, (uint) strlen(month_name), &my_charset_utf8_bin,
 	    collation.collation, &err);
   return str;
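Review bot: The result of get_arg0_date() is discarded with `(void)` and `ltime.month` is read unconditionally, so the NULL decision rests on side effects that are not visible in this hunk. If get_arg0_date() can fail without filling `ltime`, `!ltime.month` reads an uninitialised field, and since the explicit `null_value=0` was removed, a successful call must itself reset `null_value` or a stale 1 from an earlier evaluation would persist. Folding both conditions into one assignment makes the state explicit: `if ((null_value= (get_arg0_date(&ltime, TIME_FUZZY_DATE) || !ltime.month)))` followed by `return (String*) 0;`. The index `ltime.month - 1` into `type_names` is also not checked against the table size; a `DBUG_ASSERT(ltime.month <= 12);` before it would document the assumption. The function's signature and closing brace lie outside the hunk.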

=== modified file 'sql/item_timefunc.h'
--- a/sql/item_timefunc.h	2011-02-10 08:18:08 +0000
+++ b/sql/item_timefunc.h	2011-02-18 07:45:14 +0000
@@ -163,16 +163,19 @@ public:
 };
 
 
-class Item_func_monthname :public Item_func_month
+class Item_func_monthname :public Item_str_func
 {
   MY_LOCALE *locale;
 public:
-  Item_func_monthname(Item *a) :Item_func_month(a) {}
+  Item_func_monthname(Item *a) :Item_str_func(a) {}
   const char *func_name() const { return "monthname"; }
   String *val_str(String *str);
-  enum Item_result result_type () const { return STRING_RESULT; }
   void fix_length_and_dec();
   bool check_partition_func_processor(uchar *int_arg) {return TRUE;}
+  bool check_valid_arguments_processor(uchar *int_arg)
+  {
+    return !has_date_args();
+  }
 };
 
 


Attachment: [text/bzr-bundle] bzr/sergey.vojtovich@oracle.com-20110218074514-jysawkykn9yss4q5.bundle