List:Commits« Previous MessageNext Message »
From:ingo Date:July 4 2007 4:17pm
Subject:bk commit into 6.0-falcon tree (istruewing:1.2582) BUG#28810
View as plain text  
Below is the list of changes that have just been committed into a local
6.0-falcon repository of istruewing. When istruewing does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2007-07-04 16:16:55+02:00, istruewing@stripped +6 -0
  Bug#28810 - Crash with huge negative decimal for Falcon and CSV
  
  Problem #1:
  
  Debug server crashed when inserting a negated decimal number of
  maximum precision (65): INSERT ... SELECT -column ...
  
  The problem was that the negation function added 1 to the column
  length for the sign unconditionally. When the source item was
  a signed field with maximum precision, the result was a field with
  one more than maximum. This triggered an assert.
  
  The fix is to avoid adding 1 to max_length when the argument of
  the negation function is a signed field . A signed field does
  already have space for the sign.
  
  Problem #2:
  
  The test case for CSV reported table corruption.
  Entering a negative number into a CSV table corrupted the table.
  
  The problem was that numbers were written to the CSV file without
  quoting, but when reading from the file, only fields starting
  with a digit were accepted unquoted.
  
  The fix is to accept reading of fields that start with a sign ('-'),
  followed by a digit unquoted too.

  mysql-test/r/csv.result@stripped, 2007-07-04 16:16:34+02:00, istruewing@stripped +26 -0
    Bug#28810 - Crash with huge negative decimal for Falcon and CSV
    Added test result for CSV.

  mysql-test/r/type_newdecimal.result@stripped, 2007-07-04 16:16:34+02:00,
istruewing@stripped +23 -1
    Bug#28810 - Crash with huge negative decimal for Falcon and CSV
    Added test result for MyISAM.

  mysql-test/t/csv.test@stripped, 2007-07-04 16:16:34+02:00, istruewing@stripped +22 -0
    Bug#28810 - Crash with huge negative decimal for Falcon and CSV
    Added test for CSV.

  mysql-test/t/type_newdecimal.test@stripped, 2007-07-04 16:16:34+02:00,
istruewing@stripped +20 -1
    Bug#28810 - Crash with huge negative decimal for Falcon and CSV
    Added test for MyISAM.

  sql/item_func.cc@stripped, 2007-07-04 16:16:35+02:00, istruewing@stripped +8 -2
    Bug#28810 - Crash with huge negative decimal for Falcon and CSV
    Avoid to add 1 to max_length when argument is a signed field in
    Item_func_neg::fix_num_length_and_dec().

  storage/csv/ha_tina.cc@stripped, 2007-07-04 16:16:36+02:00, istruewing@stripped +11 -2
    Bug#28810 - Crash with huge negative decimal for Falcon and CSV
    Accept unquoted negative numbers.

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	istruewing
# Host:	chilla.local
# Root:	/home/mydev/mysql-5.1-falcon-bug28810

--- 1.402/sql/item_func.cc	2007-07-04 16:17:46 +02:00
+++ 1.403/sql/item_func.cc	2007-07-04 16:17:46 +02:00
@@ -1504,8 +1504,14 @@ my_decimal *Item_func_neg::decimal_op(my
 void Item_func_neg::fix_num_length_and_dec()
 {
   decimals= args[0]->decimals;
-  /* 1 add because sign can appear */
-  max_length= args[0]->max_length + 1;
+  max_length= args[0]->max_length;
+  /*
+    If the argument is a signed field, then its max_length does already
+    take an possible sign into account. In other cases we have to add one.
+  */
+  if ((args[0]->type() != FIELD_ITEM) || args[0]->unsigned_flag)
+    max_length++;
+  unsigned_flag= 0;
 }
 
 

--- 1.18/mysql-test/r/csv.result	2007-07-04 16:17:47 +02:00
+++ 1.19/mysql-test/r/csv.result	2007-07-04 16:17:47 +02:00
@@ -5240,3 +5240,29 @@ CREATE TABLE `bug21328` (
 insert into bug21328 values (1,NULL,NULL);
 alter table bug21328 engine=myisam;
 drop table bug21328;
+End of 5.0 tests
+CREATE TABLE t1 (c1 DECIMAL(65)) ENGINE= CSV;
+INSERT INTO t1 VALUES
+(99999999999999999999999999999999999999999999999999999999999999999),
+(99999999999999999999999999999999999999999999999999999999999999999);
+INSERT INTO t1 SELECT -c1 FROM t1;
+CHECK TABLE t1 EXTENDED;
+Table	Op	Msg_type	Msg_text
+test.t1	check	status	OK
+SELECT * FROM t1;
+c1
+99999999999999999999999999999999999999999999999999999999999999999
+99999999999999999999999999999999999999999999999999999999999999999
+-99999999999999999999999999999999999999999999999999999999999999999
+-99999999999999999999999999999999999999999999999999999999999999999
+TRUNCATE TABLE t1;
+CREATE TABLE t2 (c1 DECIMAL(65) UNSIGNED) ENGINE= CSV;
+INSERT INTO t2 VALUES
+(99999999999999999999999999999999999999999999999999999999999999999),
+(99999999999999999999999999999999999999999999999999999999999999999);
+INSERT INTO t1 SELECT -c1 FROM t2;
+SELECT * FROM t1;
+c1
+-99999999999999999999999999999999999999999999999999999999999999999
+-99999999999999999999999999999999999999999999999999999999999999999
+DROP TABLE t1, t2;

--- 1.23/mysql-test/t/csv.test	2007-07-04 16:17:47 +02:00
+++ 1.24/mysql-test/t/csv.test	2007-07-04 16:17:47 +02:00
@@ -1653,3 +1653,25 @@ CREATE TABLE `bug21328` (
 insert into bug21328 values (1,NULL,NULL);
 alter table bug21328 engine=myisam;
 drop table bug21328;
+
+--echo End of 5.0 tests
+
+#
+# Bug#28810 - Crash with huge negative decimal for Falcon and CSV
+#
+CREATE TABLE t1 (c1 DECIMAL(65)) ENGINE= CSV;
+INSERT INTO t1 VALUES
+  (99999999999999999999999999999999999999999999999999999999999999999),
+  (99999999999999999999999999999999999999999999999999999999999999999);
+INSERT INTO t1 SELECT -c1 FROM t1;
+CHECK TABLE t1 EXTENDED;
+SELECT * FROM t1;
+TRUNCATE TABLE t1;
+CREATE TABLE t2 (c1 DECIMAL(65) UNSIGNED) ENGINE= CSV;
+INSERT INTO t2 VALUES
+  (99999999999999999999999999999999999999999999999999999999999999999),
+  (99999999999999999999999999999999999999999999999999999999999999999);
+INSERT INTO t1 SELECT -c1 FROM t2;
+SELECT * FROM t1;
+DROP TABLE t1, t2;
+

--- 1.77/storage/csv/ha_tina.cc	2007-07-04 16:17:47 +02:00
+++ 1.78/storage/csv/ha_tina.cc	2007-07-04 16:17:47 +02:00
@@ -654,9 +654,18 @@ int ha_tina::find_current_row(uchar *buf
         }
       }
     }
-    else if (my_isdigit(system_charset_info, 
-                        file_buff->get_value(curr_offset))) 
+    else if (my_isdigit(system_charset_info,
+                        file_buff->get_value(curr_offset)) ||
+             ((file_buff->get_value(curr_offset) == '-') &&
+              my_isdigit(system_charset_info,
+                        file_buff->get_value(curr_offset + 1))))
     {
+      /* Unsigned number or negative number. */
+      if (file_buff->get_value(curr_offset) == '-')
+      {
+        buffer.append(file_buff->get_value(curr_offset));
+        curr_offset++;
+      }
       for(;curr_offset < end_offset; curr_offset++)
       {
         if (file_buff->get_value(curr_offset) == ',')

--- 1.59/mysql-test/r/type_newdecimal.result	2007-07-04 16:17:47 +02:00
+++ 1.60/mysql-test/r/type_newdecimal.result	2007-07-04 16:17:47 +02:00
@@ -1,4 +1,4 @@
-drop table if exists t1;
+drop table if exists t1, t2;
 select 1.1 IN (1.0, 1.2);
 1.1 IN (1.0, 1.2)
 0
@@ -1509,3 +1509,25 @@ Error	1264	Out of range value for column
 select cast(98.6 as decimal(2,0));
 cast(98.6 as decimal(2,0))
 99
+CREATE TABLE t1 (c1 DECIMAL(65));
+INSERT INTO t1 VALUES
+(99999999999999999999999999999999999999999999999999999999999999999),
+(99999999999999999999999999999999999999999999999999999999999999999);
+INSERT INTO t1 SELECT -c1 FROM t1;
+SELECT * FROM t1;
+c1
+99999999999999999999999999999999999999999999999999999999999999999
+99999999999999999999999999999999999999999999999999999999999999999
+-99999999999999999999999999999999999999999999999999999999999999999
+-99999999999999999999999999999999999999999999999999999999999999999
+TRUNCATE TABLE t1;
+CREATE TABLE t2 (c1 DECIMAL(65) UNSIGNED);
+INSERT INTO t2 VALUES
+(99999999999999999999999999999999999999999999999999999999999999999),
+(99999999999999999999999999999999999999999999999999999999999999999);
+INSERT INTO t1 SELECT -c1 FROM t2;
+SELECT * FROM t1;
+c1
+-99999999999999999999999999999999999999999999999999999999999999999
+-99999999999999999999999999999999999999999999999999999999999999999
+DROP TABLE t1, t2;

--- 1.53/mysql-test/t/type_newdecimal.test	2007-07-04 16:17:47 +02:00
+++ 1.54/mysql-test/t/type_newdecimal.test	2007-07-04 16:17:47 +02:00
@@ -1,5 +1,5 @@
 --disable_warnings
-drop table if exists t1;
+drop table if exists t1, t2;
 --enable_warnings
 #
 # constant IN function test
@@ -1184,3 +1184,22 @@ select cast(-3.4 as decimal(2,1));
 select cast(99.6 as decimal(2,0));
 select cast(-13.4 as decimal(2,1));
 select cast(98.6 as decimal(2,0));
+
+#
+# Bug#28810 - Crash with huge negative decimal for Falcon and CSV
+#
+CREATE TABLE t1 (c1 DECIMAL(65));
+INSERT INTO t1 VALUES
+  (99999999999999999999999999999999999999999999999999999999999999999),
+  (99999999999999999999999999999999999999999999999999999999999999999);
+INSERT INTO t1 SELECT -c1 FROM t1;
+SELECT * FROM t1;
+TRUNCATE TABLE t1;
+CREATE TABLE t2 (c1 DECIMAL(65) UNSIGNED);
+INSERT INTO t2 VALUES
+  (99999999999999999999999999999999999999999999999999999999999999999),
+  (99999999999999999999999999999999999999999999999999999999999999999);
+INSERT INTO t1 SELECT -c1 FROM t2;
+SELECT * FROM t1;
+DROP TABLE t1, t2;
+
Thread
bk commit into 6.0-falcon tree (istruewing:1.2582) BUG#28810ingo4 Jul