3541 Tor Didriksen 2011-09-20
Bug#12985030 SIMPLE QUERY WITH DECIMAL NUMBERS LEAKS MEMORY
@ mysql-test/r/func_str.result
New test cases.
@ mysql-test/t/func_str.test
New test cases.
@ strings/dtoa.c
Increasing the buffer size slightly made some queries pass without leaks.
Adding Bfree(p51, alloc) fixed the remaining leaks.
modified:
mysql-test/r/func_str.result
mysql-test/t/func_str.test
strings/dtoa.c
3540 Jonathan Perkin 2011-09-19
Don't use macro names in changelog comments.
modified:
support-files/mysql.spec.sh
=== modified file 'mysql-test/r/func_str.result'
--- a/mysql-test/r/func_str.result 2011-01-13 08:07:21 +0000
+++ b/mysql-test/r/func_str.result 2011-09-20 08:59:48 +0000
@@ -2785,5 +2785,40 @@ format(123,2,'no_NO')
123,00
DROP TABLE t1;
#
+# Bug#12985030 SIMPLE QUERY WITH DECIMAL NUMBERS LEAKS MEMORY
+#
+SELECT (rpad(1.0,2048,1)) IS NOT FALSE;
+(rpad(1.0,2048,1)) IS NOT FALSE
+1
+SELECT ((+0) IN
+((0b111111111111111111111111111111111111111111111111111),(rpad(1.0,2048,1)),
+(32767.1)));
+((+0) IN
+((0b111111111111111111111111111111111111111111111111111),(rpad(1.0,2048,1)),
+(32767.1)))
+0
+SELECT ((rpad(1.0,2048,1)) = ('4(') ^ (0.1));
+((rpad(1.0,2048,1)) = ('4(') ^ (0.1))
+0
+Warnings:
+Warning 1292 Truncated incorrect INTEGER value: '4('
+SELECT
+pow((rpad(1.0,2048,1)),(b'1111111111111111111111111111111111111111111'));
+ERROR 22003: DOUBLE value is out of range in 'pow(rpad(1.0,2048,1),0x07ffffffffff)'
+SELECT ((rpad(1.0,2048,1)) + (0) ^ ('../'));
+((rpad(1.0,2048,1)) + (0) ^ ('../'))
+1.011111111111111
+Warnings:
+Warning 1292 Truncated incorrect INTEGER value: '../'
+SELECT stddev_samp(rpad(1.0,2048,1));
+stddev_samp(rpad(1.0,2048,1))
+NULL
+SELECT ((127.1) not in ((rpad(1.0,2048,1)),(''),(-1.1)));
+((127.1) not in ((rpad(1.0,2048,1)),(''),(-1.1)))
+1
+SELECT ((0xf3) * (rpad(1.0,2048,1)) << (0xcc));
+((0xf3) * (rpad(1.0,2048,1)) << (0xcc))
+0
+#
# End of 5.5 tests
#
=== modified file 'mysql-test/t/func_str.test'
--- a/mysql-test/t/func_str.test 2011-01-13 08:07:21 +0000
+++ b/mysql-test/t/func_str.test 2011-09-20 08:59:48 +0000
@@ -1437,5 +1437,24 @@ SELECT * FROM t1;
DROP TABLE t1;
--echo #
+--echo # Bug#12985030 SIMPLE QUERY WITH DECIMAL NUMBERS LEAKS MEMORY
+--echo #
+
+SELECT (rpad(1.0,2048,1)) IS NOT FALSE;
+SELECT ((+0) IN
+((0b111111111111111111111111111111111111111111111111111),(rpad(1.0,2048,1)),
+(32767.1)));
+SELECT ((rpad(1.0,2048,1)) = ('4(') ^ (0.1));
+
+--error 1690
+SELECT
+pow((rpad(1.0,2048,1)),(b'1111111111111111111111111111111111111111111'));
+SELECT ((rpad(1.0,2048,1)) + (0) ^ ('../'));
+SELECT stddev_samp(rpad(1.0,2048,1));
+SELECT ((127.1) not in ((rpad(1.0,2048,1)),(''),(-1.1)));
+SELECT ((0xf3) * (rpad(1.0,2048,1)) << (0xcc));
+
+
+--echo #
--echo # End of 5.5 tests
--echo #
=== modified file 'strings/dtoa.c'
--- a/strings/dtoa.c 2011-06-30 15:46:53 +0000
+++ b/strings/dtoa.c 2011-09-20 08:59:48 +0000
@@ -46,7 +46,7 @@
see if it is possible to get rid of malloc().
this constant is sufficient to avoid malloc() on all inputs I have tried.
*/
-#define DTOA_BUFF_SIZE (420 * sizeof(void *))
+#define DTOA_BUFF_SIZE (460 * sizeof(void *))
/* Magic value returned by dtoa() to indicate overflow */
#define DTOA_OVERFLOW 9999
@@ -659,6 +659,7 @@ typedef struct Stack_alloc
static Bigint *Balloc(int k, Stack_alloc *alloc)
{
Bigint *rv;
+ DBUG_ASSERT(k <= Kmax);
if (k <= Kmax && alloc->freelist[k])
{
rv= alloc->freelist[k];
@@ -1005,7 +1006,7 @@ static Bigint p5_a[]=
static Bigint *pow5mult(Bigint *b, int k, Stack_alloc *alloc)
{
- Bigint *b1, *p5, *p51;
+ Bigint *b1, *p5, *p51=NULL;
int i;
static int p05[3]= { 5, 25, 125 };
@@ -1037,6 +1038,8 @@ static Bigint *pow5mult(Bigint *b, int k
p5= p51;
}
}
+ if (p51)
+ Bfree(p51, alloc);
return b;
}
No bundle (reason: useless for push emails).
| Thread |
|---|
| • bzr push into mysql-5.5 branch (tor.didriksen:3540 to 3541) Bug#12985030 | Tor Didriksen | 20 Sep |
