Below is the list of changes that have just been committed into a local
5.0 repository of hf. When hf does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html
ChangeSet@stripped, 2007-05-20 21:22:57+05:00, holyfoot@stripped +3 -0
bug #28361 Buffer overflow in DECIMAL code on Windows
my_decimal in some cases can contain more decimal digits than
is officially supported (DECIMAL_MAX_PRECISION), so we need to
prepare bigger buffer for the resulting string.
mysql-test/r/type_newdecimal.result@stripped, 2007-05-20 21:22:55+05:00, holyfoot@stripped +3 -0
bug #28361 Buffer overflow in DECIMAL code on Windows
test result
mysql-test/t/type_newdecimal.test@stripped, 2007-05-20 21:22:55+05:00, holyfoot@stripped +8 -0
bug #28361 Buffer overflow in DECIMAL code on Windows
test case
This test case doesn't fall in most cases even without the fix
Still valgrind shows the problemn
sql/my_decimal.h@stripped, 2007-05-20 21:22:55+05:00, holyfoot@stripped +7 -3
bug #28361 Buffer overflow in DECIMAL code on Windows
DECIMAL_MAX_POSSIBLE_PRECISION introduced to be used in places,
when we need to check for the number of digits technicaly possible
in my_decimal.
DECIMAL_MAX_STR_LENGTH fixed as it has to fit for the MAX_POSSIBLE_PRECISION
# This is a BitKeeper patch. What follows are the unified diffs for the
# set of deltas contained in the patch. The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User: holyfoot
# Host: hfmain.(none)
# Root: /home/hf/work/28361/my50-28361
--- 1.46/mysql-test/r/type_newdecimal.result 2007-05-20 21:23:01 +05:00
+++ 1.47/mysql-test/r/type_newdecimal.result 2007-05-20 21:23:01 +05:00
@@ -1465,4 +1465,7 @@ Error 1264 Out of range value adjusted f
Error 1264 Out of range value adjusted for column 'cast(a as DECIMAL(3,2))' at row 1
Error 1264 Out of range value adjusted for column 'cast(a as DECIMAL(3,2))' at row 1
Error 1264 Out of range value adjusted for column 'cast(a as DECIMAL(3,2))' at row 1
+create table t1 (s varchar(100));
+insert into t1 values (0.00000000010000000000000000364321973154977415791655470655996396089904010295867919921875);
+drop table t1;
End of 5.0 tests
--- 1.44/mysql-test/t/type_newdecimal.test 2007-05-20 21:23:01 +05:00
+++ 1.45/mysql-test/t/type_newdecimal.test 2007-05-20 21:23:01 +05:00
@@ -1149,4 +1149,12 @@ select cast(a as DECIMAL(3,2)), count(*)
UNION select 12.1234
) t group by 1;
+#
+# Bug #28361 Buffer overflow in DECIMAL code on Windows
+#
+
+create table t1 (s varchar(100));
+insert into t1 values (0.00000000010000000000000000364321973154977415791655470655996396089904010295867919921875);
+drop table t1;
+
--echo End of 5.0 tests
--- 1.16/sql/my_decimal.h 2007-05-20 21:23:01 +05:00
+++ 1.17/sql/my_decimal.h 2007-05-20 21:23:01 +05:00
@@ -36,13 +36,17 @@ C_MODE_END
/* maximum length of buffer in our big digits (uint32) */
#define DECIMAL_BUFF_LENGTH 9
+
+/* the number of digits that my_decimal can possibly contain */
+#define DECIMAL_MAX_POSSIBLE_PRECISION (DECIMAL_BUFF_LENGTH * 9)
+
/*
maximum guaranteed precision of number in decimal digits (number of our
digits * number of decimal digits in one our big digit - number of decimal
- digits in one our big digit decreased on 1 (because we always put decimal
+ digits in one our big digit decreased by 1 (because we always put decimal
point on the border of our big digits))
*/
-#define DECIMAL_MAX_PRECISION ((DECIMAL_BUFF_LENGTH * 9) - 8*2)
+#define DECIMAL_MAX_PRECISION (DECIMAL_MAX_POSSIBLE_PRECISION - 8*2)
#define DECIMAL_MAX_SCALE 30
#define DECIMAL_NOT_SPECIFIED 31
@@ -50,7 +54,7 @@ C_MODE_END
maximum length of string representation (number of maximum decimal
digits + 1 position for sign + 1 position for decimal point)
*/
-#define DECIMAL_MAX_STR_LENGTH (DECIMAL_MAX_PRECISION + 2)
+#define DECIMAL_MAX_STR_LENGTH (DECIMAL_MAX_POSSIBLE_PRECISION + 2)
/*
maximum size of packet length
*/
| Thread |
|---|
| • bk commit into 5.0 tree (holyfoot:1.2491) BUG#28361 | holyfoot | 20 May |
