List:Commits« Previous MessageNext Message »
From:Sergei Golubchik Date:October 4 2007 2:03pm
Subject:Re: bk commit into 5.0 tree (bar:1.2534) BUG#31081
View as plain text  
Hi!

On Oct 01, bar@stripped wrote:
> ChangeSet@stripped, 2007-10-01 19:01:51+05:00, bar@stripped +11 -0
>   Bug#31081 server crash in regexp function
>   Problem: The "regex" library written by Henry Spencer
>   does not support tricky character sets like UCS2.
>   Fix: convert tricky character sets to UTF8 before calling
>   regex functions.

A couple of comments

> diff -Nrup a/sql/item_cmpfunc.cc b/sql/item_cmpfunc.cc
> --- a/sql/item_cmpfunc.cc	2007-07-16 02:03:32 +05:00
> +++ b/sql/item_cmpfunc.cc	2007-10-01 19:01:50 +05:00
> @@ -4281,47 +4332,29 @@ longlong Item_func_regex::val_int()
>  {
>    DBUG_ASSERT(fixed == 1);
>    char buff[MAX_FIELD_WIDTH];
> +  String tmp(buff,sizeof(buff),&my_charset_bin);
> +  String *res= args[0]->val_str(&tmp);
>  
> +  if (args[0]->null_value || (!regex_is_const && regcomp(FALSE)))
>    {
> +    null_value= 1;
>      return 0;
>    }
> +  null_value= 0;
> +
> +  if (cmp_collation.collation != regex_lib_charset)
>    {
> +    /* Convert UCS2 strings to UTF8 */
>      char buff2[MAX_FIELD_WIDTH];
> -
> +    String tmp2(buff2, sizeof(buff), regex_lib_charset);
> +    uint dummy_errors;
> +    if (tmp2.copy(res->ptr(), res->length(), res->charset(),
> +                  regex_lib_charset, &dummy_errors))

wouldn't it be better to store tmp2 in the object, to avoid mallocs for
every val_int() call (assuming the argument is larger than
MAX_FIELD_WIDTH) ?

Same, to the less extent, applies to regcomp() method.

> diff -Nrup a/sql/item_cmpfunc.h b/sql/item_cmpfunc.h
> --- a/sql/item_cmpfunc.h	2007-08-31 04:23:36 +05:00
> +++ b/sql/item_cmpfunc.h	2007-10-01 19:01:50 +05:00
> @@ -1313,9 +1313,12 @@ class Item_func_regex :public Item_bool_
>    bool regex_is_const;
>    String prev_regexp;
>    DTCollation cmp_collation;
> +  CHARSET_INFO *regex_lib_charset;
> +  int regex_lib_flags;
>  public:
>    Item_func_regex(Item *a,Item *b) :Item_bool_func(a,b),
>      regex_compiled(0),regex_is_const(0) {}
> +  bool regcomp(bool send_error);

Should regcomp() be public ?

>    void cleanup();
>    longlong val_int();

Regards / Mit vielen Grüssen,
Sergei

-- 
   __  ___     ___ ____  __
  /  |/  /_ __/ __/ __ \/ /   Sergei Golubchik <serg@stripped>
 / /|_/ / // /\ \/ /_/ / /__  Principal Software Developer
/_/  /_/\_, /___/\___\_\___/  MySQL GmbH, Dachauer Str. 37, D-80335 München
       <___/                  Geschäftsführer: Kaj Arnö - HRB
München 162140
Thread
bk commit into 5.0 tree (bar:1.2534) BUG#31081bar1 Oct
  • Re: bk commit into 5.0 tree (bar:1.2534) BUG#31081Sergei Golubchik4 Oct