• Developer Zone
• Lists Home
• FAQ

Below is the list of changes that have just been committed into a local
5.0 repository of uchum. When uchum does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2007-11-23 01:38:38+04:00, gshchepa@stripped +1 -0
  Fixed bug #32403: query causes a crash due to stack and
                    memory corruptions.
  
  Various pointer fields of the SEL_ARG structure were not
  initialized in the several constructors, sometimes that led to
  memory corruptions and server crashes.
  

  sql/opt_range.cc@stripped, 2007-11-23 01:37:03+04:00, gshchepa@stripped +51 -7
    Fixed bug #32403.
    
    Various pointer fields of the SEL_ARG structure were not
    initialized in the several constructors.
    
    All constructors of the SEL_ARG structure was modified to
    always initialize all fields of that structure.

diff -Nrup a/sql/opt_range.cc b/sql/opt_range.cc
--- a/sql/opt_range.cc	2007-10-23 16:32:03 +05:00
+++ b/sql/opt_range.cc	2007-11-23 01:37:03 +04:00
@@ -259,15 +259,12 @@ public:
 
   enum { MAX_SEL_ARGS = 16000 };
 
-  SEL_ARG() {}
+  SEL_ARG();
   SEL_ARG(SEL_ARG &);
   SEL_ARG(Field *,const char *,const char *);
   SEL_ARG(Field *field, uint8 part, char *min_value, char *max_value,
 	  uint8 min_flag, uint8 max_flag, uint8 maybe_flag);
-  SEL_ARG(enum Type type_arg)
-    :min_flag(0),elements(1),use_count(1),left(0),next_key_part(0),
-    color(BLACK), type(type_arg)
-  {}
+  SEL_ARG(enum Type type_arg);
   inline bool is_same(SEL_ARG *arg)
   {
     if (type != arg->type || part != arg->part)
@@ -1408,6 +1405,43 @@ QUICK_RANGE::QUICK_RANGE()
    flag(NO_MIN_RANGE | NO_MAX_RANGE)
 {}
 
+
+SEL_ARG::SEL_ARG()
+:min_flag(0),max_flag(0),maybe_flag(0),
+  part(0),
+  maybe_null(0),
+  elements(0),
+  use_count(0),
+  field(0),
+  min_value(0),max_value(0),
+  left(0),right(0),
+  next(0),prev(0),
+  parent(0),
+  next_key_part(0),
+  color(BLACK),
+  type(IMPOSSIBLE)
+{
+}
+
+
+SEL_ARG::SEL_ARG(enum Type type_arg)
+  :min_flag(0),max_flag(0),maybe_flag(0),
+  part(0),
+  maybe_null(0),
+  elements(1),
+  use_count(1),
+  field(0),
+  min_value(0),max_value(0),
+  left(0),right(0),
+  next(0),prev(0),
+  parent(0),
+  next_key_part(0),
+  color(BLACK),
+  type(type_arg)
+{
+}
+
+
 SEL_ARG::SEL_ARG(SEL_ARG &arg) :Sql_alloc()
 {
   type=arg.type;
@@ -1421,6 +1455,10 @@ SEL_ARG::SEL_ARG(SEL_ARG &arg) :Sql_allo
   max_value=arg.max_value;
   next_key_part=arg.next_key_part;
   use_count=1; elements=1;
+  left=right= &null_element;
+  next= prev= 0;
+  parent= 0;
+  color= BLACK;
 }
 
 
@@ -1433,9 +1471,14 @@ inline void SEL_ARG::make_root()
 }
 
 SEL_ARG::SEL_ARG(Field *f,const char *min_value_arg,const char *max_value_arg)
-  :min_flag(0), max_flag(0), maybe_flag(0), maybe_null(f->real_maybe_null()),
+  :min_flag(0), max_flag(0), maybe_flag(0),
+   part(0),
+   maybe_null(f->real_maybe_null()),
    elements(1), use_count(1), field(f), min_value((char*) min_value_arg),
-   max_value((char*) max_value_arg), next(0),prev(0),
+   max_value((char*) max_value_arg),
+   left(0), right(0),
+   next(0),prev(0),
+   parent(0),
    next_key_part(0),color(BLACK),type(KEY_RANGE)
 {
   left=right= &null_element;
@@ -1446,6 +1489,7 @@ SEL_ARG::SEL_ARG(Field *field_,uint8 par
   :min_flag(min_flag_),max_flag(max_flag_),maybe_flag(maybe_flag_),
    part(part_),maybe_null(field_->real_maybe_null()), elements(1),use_count(1),
    field(field_), min_value(min_value_), max_value(max_value_),
+   left(0), right(0),
    next(0),prev(0),next_key_part(0),color(BLACK),type(KEY_RANGE)
 {
   left=right= &null_element;