From: Sergey Vojtovich Date: February 18 2011 7:45am Subject: bzr commit into mysql-5.5 branch (sergey.vojtovich:3328) Bug#11766720 List-Archive: http://lists.mysql.com/commits/131599 X-Bug: 11766720 Message-Id: <201102180749.p1HBDpAq019530@acsinet15.oracle.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5013255407480030074==" --===============5013255407480030074== MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline #At file:///home/svoj/mysql/server/mysql-5.5-bug59895/ based on revid:dmitry.lenev@stripped 3328 Sergey Vojtovich 2011-02-18 BUG#11766720 - setting storage engine to null segfaults mysqld MONTHNAME(0) claims that it is about to return NOT NULL value, whereas it actually returns NULL. As a result storage_engine variable (which cannot be NULL) protection was bypassed and NULL value was accepted, causing server crash. Fixed MONTHNAME(0) to report valid NULL flag. @ mysql-test/r/func_time.result A test case for BUG#11766720. @ mysql-test/t/func_time.test A test case for BUG#11766720. @ sql/item_timefunc.cc MONTHNAME(0) must report NULL, as opposed to base class MONTH(0) which is NOT NULL. Fixed Item_func_monthname to inherit from Item_str_func instead of Item_func_month. @ sql/item_timefunc.h MONTHNAME(0) must report NULL, as opposed to base class MONTH(0) which is NOT NULL. Fixed Item_func_monthname to inherit from Item_str_func instead of Item_func_month. modified: mysql-test/r/func_time.result mysql-test/t/func_time.test sql/item_timefunc.cc sql/item_timefunc.h === modified file 'mysql-test/r/func_time.result' --- a/mysql-test/r/func_time.result 2011-02-02 18:16:06 +0000 +++ b/mysql-test/r/func_time.result 2011-02-18 07:45:14 +0000 @@ -136,7 +136,7 @@ dayname("1962-03-03") dayname("1962-03-0 Saturday 5 select monthname("1972-03-04"),monthname("1972-03-04")+0; monthname("1972-03-04") monthname("1972-03-04")+0 -March 3 +March 0 select time_format(19980131000000,'%H|%I|%k|%l|%i|%p|%r|%S|%T'); time_format(19980131000000,'%H|%I|%k|%l|%i|%p|%r|%S|%T') 00|12|0|12|00|AM|12:00:00 AM|00|00:00:00 @@ -1368,3 +1368,9 @@ SELECT SUBDATE(STR_TO_DATE(NULL,0), INTE SUBDATE(STR_TO_DATE(NULL,0), INTERVAL 1 HOUR) NULL # +# BUG#59895 - setting storage engine to null segfaults mysqld +# +SELECT MONTHNAME(0), MONTHNAME(0) IS NULL, MONTHNAME(0) + 1; +MONTHNAME(0) MONTHNAME(0) IS NULL MONTHNAME(0) + 1 +NULL 1 NULL +# === modified file 'mysql-test/t/func_time.test' --- a/mysql-test/t/func_time.test 2011-02-02 18:16:06 +0000 +++ b/mysql-test/t/func_time.test 2011-02-18 07:45:14 +0000 @@ -881,4 +881,9 @@ SELECT WEEK(STR_TO_DATE(NULL,0)); SELECT SUBDATE(STR_TO_DATE(NULL,0), INTERVAL 1 HOUR); --echo # +--echo # BUG#59895 - setting storage engine to null segfaults mysqld +--echo # +SELECT MONTHNAME(0), MONTHNAME(0) IS NULL, MONTHNAME(0) + 1; + +--echo # === modified file 'sql/item_timefunc.cc' --- a/sql/item_timefunc.cc 2011-02-10 08:18:08 +0000 +++ b/sql/item_timefunc.cc 2011-02-18 07:45:14 +0000 @@ -1133,16 +1133,18 @@ String* Item_func_monthname::val_str(Str { DBUG_ASSERT(fixed == 1); const char *month_name; - uint month= (uint) val_int(); uint err; + MYSQL_TIME ltime; - if (null_value || !month) - { - null_value=1; + (void) get_arg0_date(<ime, TIME_FUZZY_DATE); + + if (!ltime.month) + null_value= 1; + + if (null_value) return (String*) 0; - } - null_value=0; - month_name= locale->month_names->type_names[month-1]; + + month_name= locale->month_names->type_names[ltime.month - 1]; str->copy(month_name, (uint) strlen(month_name), &my_charset_utf8_bin, collation.collation, &err); return str; === modified file 'sql/item_timefunc.h' --- a/sql/item_timefunc.h 2011-02-10 08:18:08 +0000 +++ b/sql/item_timefunc.h 2011-02-18 07:45:14 +0000 @@ -163,16 +163,19 @@ public: }; -class Item_func_monthname :public Item_func_month +class Item_func_monthname :public Item_str_func { MY_LOCALE *locale; public: - Item_func_monthname(Item *a) :Item_func_month(a) {} + Item_func_monthname(Item *a) :Item_str_func(a) {} const char *func_name() const { return "monthname"; } String *val_str(String *str); - enum Item_result result_type () const { return STRING_RESULT; } void fix_length_and_dec(); bool check_partition_func_processor(uchar *int_arg) {return TRUE;} + bool check_valid_arguments_processor(uchar *int_arg) + { + return !has_date_args(); + } }; --===============5013255407480030074== MIME-Version: 1.0 Content-Type: text/bzr-bundle; charset="us-ascii"; name="bzr/sergey.vojtovich@stripped" Content-Transfer-Encoding: 7bit Content-Disposition: inline # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: sergey.vojtovich@stripped\ # jysawkykn9yss4q5 # target_branch: file:///home/svoj/mysql/server/mysql-5.5-bug59895/ # testament_sha1: 7a8ea8c1f528bd65941288ad3352497dff273db5 # timestamp: 2011-02-18 10:45:19 +0300 # base_revision_id: dmitry.lenev@stripped\ # ssyuf0i2fhrb595k # # Begin bundle IyBCYXphYXIgcmV2aXNpb24gYnVuZGxlIHY0CiMKQlpoOTFBWSZTWXi5QlIABHNfgEAweX///3/n rzq////6YAms77Xdj6Vr0AauPXAdULbsbtimVZWGSKam0yZR6MUeoyej01NR6gDQGjIGRkBo0OAY RhNMQwCAZADCNMmTCMBDQZTRpBpNTzVG1BpoGgAANAAAaPUAEiQqeSaep6jaMkammTT9FAaaAAAA AGgRSJMmgnlNpNTxDU9NNQwNQ0jIxqNGQZG9RPUEkhNBoCaNGmgRkAlHqPU0ZP1QfqmQAGj1O+sP DhFmPdMqRwocd26kzHnVLx6gsPe14aYmbF9INU0cVCy5Gy7BUpmEK0WdAk70NogiiIQhWAzMAcwl osFWo9anyULI0Y1gbLS7xjmAqSMWUfKDFv4raDezscYAIgNA2wbbE3Z9AvfXeFf6r36ovZJ04JSb hqbNLKfOR8qybTg6mEmH2sM5xLHLXsOJBZnPuNM9D5BD4JuEg7XKKWi+FUS/rS6Rw0A2da2hbaqB FhOBgtuSh8BcsKyaxufvPQTLsFCpHlsApJv8NXBF67l5Kf7iYCp8WiINYW1jZkcESIOi+Gt45l4I AudqUKbvANqqrsJcQoOzmGP1IujDhxSPWMlt0NbLZ5uTe4qLWw42iGStqRE4knFDoBgqitWrcL0S DsqMdFt7LeKiB3ungL2BXlnAXi82q05rTJUTMMX1TGKLARo5HMsUATIW4I4WjapohIIbf0d1SQdW Gg5mXbkktjOkCkbhpKpDIaFCQymusqmCXiBy7y40N88aRJtCRBKkUFVu1E5/oojxILHUFLIkyk05 UecSoXvMRZAPFHDec3SJkgnUWD5qM8FGI01ytyXasnHfbbWTiBlnGNB3koIgjfw5i9bgckhtJitV WDkSTb4n2xqBPGLj83e9TnAXWRJYg1w4ecvMC8MupkAthk6NMFziJQrUC3C1qxoC0LRhak2Rsrcz uBo6yWZkYiqqJqTbPMlu1G8/HcniBdVZMqZanIM6QugzoXoJqzLnxe4cJlDRmlHFck0ypjZEpHlp cw8gmzN53qOONmOJWhXMlgPHFzCpBa1k9YFcZyByDUjcfVRKCGtWFvYnVhOvUFvVSiXXP1Enj36o ovycGorahgnBTj3/+MTI3lyt6rhQLg55EwJC37Y7ld4HCoovnxXEPp3KRMJiO3EpV6o0X1Ve04qZ b+NVVTiDlOZjolpUpxk4mTtx1eQNq9aVChS1ZwHOPOLSLCYqKNz7mQ19UTQsbuXgnrAurVV5IWZN PBlYcx+y+kE+g1OXPW8xhrkFRXNhtsfEUziJQwxxJoHZbyfdXjue1WI2wc1QniUGIA4JRjkNCI+i ldnBFSKZ3Ne5Y7iTyykfqFphVGRTZUaSVDTGQUoWrfrFWXUxagZa4cyk3D4lW+xUFp8gTo2hiP2X lcCa1nWJsgmi4dSzkNEpy2mKgRXXSU0RR7U4yJSh389Z0RHdRlocjVEQwFgaUMv7h2dRtXnR0H0R /qwxEMJBRYH4Ph/gvvq9h3lF6t3pUgVv5QhhrFwlIu/6/BGMD7qyIJVkgl3oyd6s5XoUsVueGtpP vg3mBxOkm2/yELBOlcH8LWJkMktA22VOr6gGAqAwVwFEjmDsJVUROQFIReEkJ8O4u38/nKxNx0uL 8Z93qKjOXExE+n2n7Pde+EhvwzBFz9y0NDbFRQwDr/Q+hX97g5JHKiz9xTpl4akj0CW0+DZIpgVF epVd8WyHg7ct1G0F62rQ5cj4pcvu46zusWK1lx+07yR8ExOfBmRHnUwIfvOYdbFB+Hi/4Xgv0oDy o47ZnphDq9ivLBjM1Z35LIzrANDViG08lmi60w3aynTaFjCU1eSqg563QBFYIxhxUZjqnKipxAYe 1wVb95tN53lD2CoTykk1Ip6oziKTwMzI5BEu0PwVh2Rmcdq3ZUzY5Lz3KYQTLA1dOUN0EiATDmqO MvhRtmfEjRsGn7Ok3sDA++1wOdG0Bktjzz7+QeKfD2WWtkiH1Dc48Yrka9DZM5LhGVUNWHLVD4ft FqEYLYsdqPZWuFvGWUM1wqy4++wSecXVnVkSoEOasVkU5dVtTkuqxJ0E4lRUUHrxBbzE1KEjnuDq cidWKDjh1RajI8V+IeXoDB0RcsxwPYboFghhe3mvvc5OnDjrby9jOAEGAkVvEq15JxFUh49yyM1W W14qpR0jYtfTxgI7EmpbJC5lSaFIcxD/ctEqt1x0tpNqCls6DK5nWDSZjiM0zsaHmc5oxX2EX4Q9 cO9Ce6XE80YIB4hc+Cm7krwxp4UKJ0UiJhw0z1nbBNkvGQlJAlMJpUoqvAdpsASxvniHAHDPuAuE HYYWO1kdGpcjQ/yDHmJnM4u56AcdzctoUrPxzd8zbkCp1YfOHki8CQDazNTek9LzQy1yHAYvt4dt NLUG22/05nLCJ1kSBNLfC5HcRJIEk4yQ8wW5dNiuK/mbjoa/scFliLz85dT3qk2KCnUliVzdi6wJ o5wsqBmgSW6VpMYbWCgTBmCGjbIxlrjZlUQF8SGtnJcL289DZxWvKha+VVrMj4HzXTCQ3mrzx+rI UslE80I1AUWiJ10iVFxd9QRikbSC9getacaU4dq/FTGwpEr7QC7owMLuYIIdKRkYK5cpic7qfWad /spLsYGoFg5b1ruB43JkKnhNtxbKV0zdDymlxlYVKunVQ4L8Kbw8kdnGejkTEUlUOTrmK08gsjQ+ wbXHoUvOCoVTN4JxOm5rRcCz+DrlOmNOEqAVSdNEj5xRYCtqqCdZcuI7yGGHfemirlnYaAwuSgLl rznbYQb1oWvbiIiIiIylygaLEwWZEOaZujQYD3gnSuB4nVqtU9DDXAcoOPSuLnsmVVd7zvohYwQ8 oDOVUk5FnBll8Ei0RfccoaCoiQEWBlBkmD5D68YrEQzCMiSwjUguSJLiJTclAIBesLLFAzytUO7O Y+Lk3YQ6uV6Nb42xPJkHQ3piupoo4GOIz1Frws25gIc+mI2RLgdGXseqsWtdjn1o8y8iipbFirSt Yp1TGsFYvYvsrT4HRMg2JrZ2ByMUg9byaK212AwB6gbmtqeNtsSxsm2SdHWrjof/F3JFOFCQeLlC Ug== --===============5013255407480030074==--