List:Commits« Previous MessageNext Message »
From:Sergey Glukhov Date:July 27 2011 7:39am
Subject:bzr push into mysql-trunk branch (sergey.glukhov:3306 to 3307) Bug#12634989
View as plain text  
 3307 Sergey Glukhov	2011-07-27
      Bug#12634989 VALGRIND WARNING ABOUT UNINITIALIZED VALUES CREATED IN ITEM_FUNC_DAYOFMONTH
      added missing null value check for functions
      SUBSTRING, LEFT, RIGHT, REPEAT, LPAD, RPAD.
     @ mysql-test/r/func_str.result
        test case
     @ mysql-test/t/func_str.test
        test case
     @ sql/item_strfunc.cc
        added missing null value check for functions
        SUBSTRING, LEFT, RIGHT, REPEAT, LPAD, RPAD.

    modified:
      mysql-test/r/func_str.result
      mysql-test/t/func_str.test
      sql/item_strfunc.cc
 3306 Sunny Bains	2011-07-27
      Move the ut_ad() after the definition/declaration of max_trx_id.
      Offending code introduced in trx_sys_t::lock to trx_sys_t::mutex conversion.

    modified:
      storage/innobase/include/trx0sys.ic
=== modified file 'mysql-test/r/func_str.result'
--- a/mysql-test/r/func_str.result	2011-07-19 15:11:15 +0000
+++ b/mysql-test/r/func_str.result	2011-07-27 07:38:35 +0000
@@ -2631,6 +2631,45 @@ SELECT * FROM t1;
 a
 aaaaaaaaaaaaaa
 DROP TABLE t1;
+#
+# Bug#12634989 VALGRIND WARNING ABOUT UNINITIALIZED VALUES CREATED IN ITEM_FUNC_DAYOFMONTH
+#
+SELECT SUBSTRING('1', DAY(FROM_UNIXTIME(-1)));
+SUBSTRING('1', DAY(FROM_UNIXTIME(-1)))
+NULL
+SELECT LEFT('1', DAY(FROM_UNIXTIME(-1)));
+LEFT('1', DAY(FROM_UNIXTIME(-1)))
+NULL
+SELECT RIGHT('1', DAY(FROM_UNIXTIME(-1)));
+RIGHT('1', DAY(FROM_UNIXTIME(-1)))
+NULL
+SELECT REPEAT('1', DAY(FROM_UNIXTIME(-1)));
+REPEAT('1', DAY(FROM_UNIXTIME(-1)))
+NULL
+SELECT RPAD('hi', DAY(FROM_UNIXTIME(-1)),'?');
+RPAD('hi', DAY(FROM_UNIXTIME(-1)),'?')
+NULL
+SELECT LPAD('hi', DAY(FROM_UNIXTIME(-1)),'?');
+LPAD('hi', DAY(FROM_UNIXTIME(-1)),'?')
+NULL
+CREATE TABLE t1
+SELECT SUBSTRING('1', DAY(FROM_UNIXTIME(-1))) AS f1,
+LEFT('1', DAY(FROM_UNIXTIME(-1))) AS f2,
+RIGHT('1', DAY(FROM_UNIXTIME(-1))) AS f3,
+REPEAT('1', DAY(FROM_UNIXTIME(-1))) AS f4,
+RPAD('hi', DAY(FROM_UNIXTIME(-1)),'?') AS f5,
+LPAD('hi', DAY(FROM_UNIXTIME(-1)),'?') AS f6;
+SHOW CREATE TABLE t1;
+Table	Create Table
+t1	CREATE TABLE `t1` (
+  `f1` varchar(1) DEFAULT NULL,
+  `f2` varchar(1) DEFAULT NULL,
+  `f3` varchar(1) DEFAULT NULL,
+  `f4` longtext,
+  `f5` longtext,
+  `f6` longtext
+) ENGINE=MyISAM DEFAULT CHARSET=latin1
+DROP TABLE t1;
 End of 5.1 tests
 Start of 5.4 tests
 SELECT format(12345678901234567890.123, 3);

=== modified file 'mysql-test/t/func_str.test'
--- a/mysql-test/t/func_str.test	2011-05-25 14:19:53 +0000
+++ b/mysql-test/t/func_str.test	2011-07-27 07:38:35 +0000
@@ -1381,6 +1381,27 @@ LOAD DATA INFILE 'bug58165.txt' INTO TAB
 SELECT * FROM t1;
 DROP TABLE t1;
 
+--echo #
+--echo # Bug#12634989 VALGRIND WARNING ABOUT UNINITIALIZED VALUES CREATED IN ITEM_FUNC_DAYOFMONTH
+--echo #
+
+SELECT SUBSTRING('1', DAY(FROM_UNIXTIME(-1)));
+SELECT LEFT('1', DAY(FROM_UNIXTIME(-1)));
+SELECT RIGHT('1', DAY(FROM_UNIXTIME(-1)));
+SELECT REPEAT('1', DAY(FROM_UNIXTIME(-1)));
+SELECT RPAD('hi', DAY(FROM_UNIXTIME(-1)),'?');
+SELECT LPAD('hi', DAY(FROM_UNIXTIME(-1)),'?');
+
+CREATE TABLE t1
+SELECT SUBSTRING('1', DAY(FROM_UNIXTIME(-1))) AS f1,
+       LEFT('1', DAY(FROM_UNIXTIME(-1))) AS f2,
+       RIGHT('1', DAY(FROM_UNIXTIME(-1))) AS f3,
+       REPEAT('1', DAY(FROM_UNIXTIME(-1))) AS f4,
+       RPAD('hi', DAY(FROM_UNIXTIME(-1)),'?') AS f5,
+       LPAD('hi', DAY(FROM_UNIXTIME(-1)),'?') AS f6;
+SHOW CREATE TABLE t1;
+DROP TABLE t1;
+
 --echo End of 5.1 tests
 
 --echo Start of 5.4 tests

=== modified file 'sql/item_strfunc.cc'
--- a/sql/item_strfunc.cc	2011-07-07 09:45:10 +0000
+++ b/sql/item_strfunc.cc	2011-07-27 07:38:35 +0000
@@ -1427,11 +1427,16 @@ void Item_str_func::left_right_max_lengt
   if (args[1]->const_item())
   {
     int length= (int) args[1]->val_int();
+    if (args[1]->null_value)
+      goto end;
+
     if (length <= 0)
       char_length=0;
     else
       set_if_smaller(char_length, (uint) length);
   }
+
+end:
   fix_char_length(char_length);
 }
 
@@ -1534,6 +1539,8 @@ void Item_func_substr::fix_length_and_de
   if (args[1]->const_item())
   {
     int32 start= (int32) args[1]->val_int();
+    if (args[1]->null_value)
+      goto end;
     if (start < 0)
       max_length= ((uint)(-start) > max_length) ? 0 : (uint)(-start);
     else
@@ -1542,11 +1549,15 @@ void Item_func_substr::fix_length_and_de
   if (arg_count == 3 && args[2]->const_item())
   {
     int32 length= (int32) args[2]->val_int();
+    if (args[2]->null_value)
+      goto end;
     if (length <= 0)
       max_length=0; /* purecov: inspected */
     else
       set_if_smaller(max_length,(uint) length);
   }
+
+end:
   max_length*= collation.collation->mbmaxlen;
 }
 
@@ -2732,6 +2743,8 @@ void Item_func_repeat::fix_length_and_de
   {
     /* must be longlong to avoid truncation */
     longlong count= args[1]->val_int();
+    if (args[1]->null_value)
+      goto end;
 
     /* Assumes that the maximum length of a String is < INT_MAX32. */
     /* Set here so that rest of code sees out-of-bound value as such. */
@@ -2740,12 +2753,12 @@ void Item_func_repeat::fix_length_and_de
 
     ulonglong char_length= (ulonglong) args[0]->max_char_length() * count;
     fix_char_length_ulonglong(char_length);
+    return;
   }
-  else
-  {
-    max_length= MAX_BLOB_WIDTH;
-    maybe_null= 1;
-  }
+
+end:
+  max_length= MAX_BLOB_WIDTH;
+  maybe_null= 1;
 }
 
 /**
@@ -2811,18 +2824,20 @@ void Item_func_rpad::fix_length_and_dec(
   if (args[1]->const_item())
   {
     ulonglong char_length= (ulonglong) args[1]->val_int();
+    if (args[1]->null_value)
+      goto end;
     DBUG_ASSERT(collation.collation->mbmaxlen > 0);
     /* Assumes that the maximum length of a String is < INT_MAX32. */
     /* Set here so that rest of code sees out-of-bound value as such. */
     if (char_length > INT_MAX32)
       char_length= INT_MAX32;
     fix_char_length_ulonglong(char_length);
+    return;
   }
-  else
-  {
-    max_length= MAX_BLOB_WIDTH;
-    maybe_null= 1;
-  }
+
+end:
+  max_length= MAX_BLOB_WIDTH;
+  maybe_null= 1;
 }
 
 
@@ -2915,18 +2930,20 @@ void Item_func_lpad::fix_length_and_dec(
   if (args[1]->const_item())
   {
     ulonglong char_length= (ulonglong) args[1]->val_int();
+    if (args[1]->null_value)
+      goto end;
     DBUG_ASSERT(collation.collation->mbmaxlen > 0);
     /* Assumes that the maximum length of a String is < INT_MAX32. */
     /* Set here so that rest of code sees out-of-bound value as such. */
     if (char_length > INT_MAX32)
       char_length= INT_MAX32;
     fix_char_length_ulonglong(char_length);
+    return;
   }
-  else
-  {
-    max_length= MAX_BLOB_WIDTH;
-    maybe_null= 1;
-  }
+
+end:
+  max_length= MAX_BLOB_WIDTH;
+  maybe_null= 1;
 }
 
 

No bundle (reason: useless for push emails).
Thread
bzr push into mysql-trunk branch (sergey.glukhov:3306 to 3307) Bug#12634989Sergey Glukhov27 Jul