From: Date: July 31 2008 1:31am
Subject: bzr commit into mysql-6.0-backup branch (marc.alff:2743) Bug#38296
List-Archive: http://lists.mysql.com/commits/50750
X-Bug: 38296
Message-Id: <20080730233127.0FE921DC41A@lambda.WEBLAB>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

#At file:///home/malff/BZR-TREE/mysql-6.0-38296/

 2743 Marc Alff	2008-07-30
      Bug#38296 (low memory crash with many conditions in a query)
      
      The parser code in sql/sql_yacc.yy needs to be more robust to out of
      memory conditions, so that when parsing a query fails due to OOM,
      the thread gracefully returns an error.
      
      Before this fix, a new/alloc returning NULL could:
      - cause a crash, if dereferencing the NULL pointer,
      - produce a corrupted parsed tree, containing NULL nodes,
      - alter the semantic of a query, by silently dropping token values or nodes
      
      With this fix:
      - calls to new/alloc are tested for a NULL result,
      - OOM conditions cause the parser to stop immediately (MYSQL_YYABORT)
modified:
  sql/sql_yacc.yy

=== modified file 'sql/sql_yacc.yy'
--- a/sql/sql_yacc.yy	2008-07-24 16:50:18 +0000
+++ b/sql/sql_yacc.yy	2008-07-30 23:31:18 +0000
@@ -2171,6 +2171,8 @@ sp_name:
               MYSQL_YYABORT;
             }
             $$= new sp_name($1, $3, true);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             $$->init_qname(YYTHD);
           }
         | ident
@@ -2185,8 +2187,9 @@ sp_name:
             if (lex->copy_db_to(&db.str, &db.length))
               MYSQL_YYABORT;
             $$= new sp_name(db, $1, false);
-            if ($$)
-              $$->init_qname(thd);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+            $$->init_qname(thd);
           }
         ;
 
@@ -2612,6 +2615,8 @@ sp_cond:
           ulong_num
           { /* mysql errno */
             $$= (sp_cond_type_t *)YYTHD->alloc(sizeof(sp_cond_type_t));
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             $$->type= sp_cond_type_t::number;
             $$->mysqlerr= $1;
           }
@@ -2623,6 +2628,8 @@ sp_cond:
               MYSQL_YYABORT;
             }
             $$= (sp_cond_type_t *)YYTHD->alloc(sizeof(sp_cond_type_t));
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             $$->type= sp_cond_type_t::state;
             memcpy($$->sqlstate, $3.str, 5);
             $$->sqlstate[5]= '\0';
@@ -2651,16 +2658,22 @@ sp_hcond:
         | SQLWARNING_SYM /* SQLSTATEs 01??? */
           {
             $$= (sp_cond_type_t *)YYTHD->alloc(sizeof(sp_cond_type_t));
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             $$->type= sp_cond_type_t::warning;
           }
         | not FOUND_SYM /* SQLSTATEs 02??? */
           {
             $$= (sp_cond_type_t *)YYTHD->alloc(sizeof(sp_cond_type_t));
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             $$->type= sp_cond_type_t::notfound;
           }
         | SQLEXCEPTION_SYM /* All other SQLSTATEs */
           {
             $$= (sp_cond_type_t *)YYTHD->alloc(sizeof(sp_cond_type_t));
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             $$->type= sp_cond_type_t::exception;
           }
         ;
@@ -5177,7 +5190,11 @@ attribute:
 
 now_or_signed_literal:
           NOW_SYM optional_braces
-          { $$= new Item_func_now_local(); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_now_local();
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | signed_literal
           { $$=$1; }
         ;
@@ -5559,7 +5576,12 @@ key_list:
         ;
 
 key_part:
-          ident { $$=new Key_part_spec($1, 0); }
+          ident
+          {
+            $$= new Key_part_spec($1, 0);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | ident '(' NUM ')'
           {
             int key_part_len= atoi($3.str);
@@ -5567,7 +5589,9 @@ key_part:
             {
               my_error(ER_KEY_PART_0, MYF(0), $1.str);
             }
-            $$=new Key_part_spec($1, (uint) key_part_len);
+            $$= new Key_part_spec($1, (uint) key_part_len);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         ;
 
@@ -5946,7 +5970,7 @@ reorg_partition_rule:
             lex->part_info= new partition_info();
             if (!lex->part_info)
             {
-            mem_alloc_error(sizeof(partition_info));
+              mem_alloc_error(sizeof(partition_info));
               MYSQL_YYABORT;
             }
             lex->no_write_to_binlog= $3;
@@ -6049,8 +6073,10 @@ alter_list_item:
         | DROP opt_column field_ident opt_restrict
           {
             LEX *lex=Lex;
-            lex->alter_info.drop_list.push_back(new Alter_drop(Alter_drop::COLUMN,
-                                                               $3.str));
+            Alter_drop *ad= new Alter_drop(Alter_drop::COLUMN, $3.str);
+            if (ad == NULL)
+              MYSQL_YYABORT;
+            lex->alter_info.drop_list.push_back(ad);
             lex->alter_info.flags|= ALTER_DROP_COLUMN;
           }
         | DROP FOREIGN KEY_SYM opt_ident
@@ -6060,15 +6086,19 @@ alter_list_item:
         | DROP PRIMARY_SYM KEY_SYM
           {
             LEX *lex=Lex;
-            lex->alter_info.drop_list.push_back(new Alter_drop(Alter_drop::KEY,
-                                                               primary_key_name));
+            Alter_drop *ad= new Alter_drop(Alter_drop::KEY, primary_key_name);
+            if (ad == NULL)
+              MYSQL_YYABORT;
+            lex->alter_info.drop_list.push_back(ad);
             lex->alter_info.flags|= ALTER_DROP_INDEX;
           }
         | DROP key_or_index field_ident
           {
             LEX *lex=Lex;
-            lex->alter_info.drop_list.push_back(new Alter_drop(Alter_drop::KEY,
-                                                               $3.str));
+            Alter_drop *ad= new Alter_drop(Alter_drop::KEY, $3.str);
+            if (ad == NULL)
+              MYSQL_YYABORT;
+            lex->alter_info.drop_list.push_back(ad);
             lex->alter_info.flags|= ALTER_DROP_INDEX;
           }
         | DISABLE_SYM KEYS
@@ -6086,14 +6116,19 @@ alter_list_item:
         | ALTER opt_column field_ident SET DEFAULT signed_literal
           {
             LEX *lex=Lex;
-            lex->alter_info.alter_list.push_back(new Alter_column($3.str,$6));
+            Alter_column *ac= new Alter_column($3.str,$6);
+            if (ac == NULL)
+              MYSQL_YYABORT;
+            lex->alter_info.alter_list.push_back(ac);
             lex->alter_info.flags|= ALTER_COLUMN_DEFAULT;
           }
         | ALTER opt_column field_ident DROP DEFAULT
           {
             LEX *lex=Lex;
-            lex->alter_info.alter_list.push_back(new Alter_column($3.str,
-                                                                  (Item*) 0));
+            Alter_column *ac= new Alter_column($3.str, (Item*) 0);
+            if (ac == NULL)
+              MYSQL_YYABORT;
+            lex->alter_info.alter_list.push_back(ac);
             lex->alter_info.flags|= ALTER_COLUMN_DEFAULT;
           }
         | RENAME opt_to table_ident
@@ -6361,15 +6396,19 @@ database_ident_list:
           ident
           {
             LEX *lex= Lex;
+            LEX_STRING* ls= (LEX_STRING*) sql_memdup(&$1, sizeof(LEX_STRING));
+            if (ls == NULL)
+              MYSQL_YYABORT;
             lex->db_list.empty();
-            if (lex->db_list.push_back((LEX_STRING*)
-                sql_memdup(&$1, sizeof(LEX_STRING))))
+            if (lex->db_list.push_back(ls))
               YYABORT;
           }
         | database_ident_list ',' ident
           {
-            if (Lex->db_list.push_back((LEX_STRING*)
-                sql_memdup(&$3, sizeof(LEX_STRING))))
+            LEX_STRING *ls= (LEX_STRING*) sql_memdup(&$3, sizeof(LEX_STRING));
+            if (ls == NULL)
+              MYSQL_YYABORT;
+            if (Lex->db_list.push_back(ls))
               YYABORT;
           }
         ;
@@ -6806,10 +6845,11 @@ select_item_list:
         | '*'
           {
             THD *thd= YYTHD;
-            if (add_item_to_list(thd,
-                                 new Item_field(&thd->lex->current_select->
-                                                context,
-                                                NULL, NULL, "*")))
+            Item *item= new Item_field(&thd->lex->current_select->context,
+                                       NULL, NULL, "*");
+            if (item == NULL)
+              MYSQL_YYABORT;
+            if (add_item_to_list(thd, item))
               MYSQL_YYABORT;
             (thd->lex->current_select->with_wild)++;
           }
@@ -6922,6 +6962,8 @@ expr:
             {
               /* X OR Y */
               $$ = new (YYTHD->mem_root) Item_cond_or($1, $3);
+              if ($$ == NULL)
+                MYSQL_YYABORT;
             }
           }
         | expr XOR expr %prec XOR
@@ -6968,36 +7010,86 @@ expr:
             {
               /* X AND Y */
               $$ = new (YYTHD->mem_root) Item_cond_and($1, $3);
+              if ($$ == NULL)
+                MYSQL_YYABORT;
             }
           }
         | NOT_SYM expr %prec NOT_SYM
-          { $$= negate_expression(YYTHD, $2); }
+          {
+            $$= negate_expression(YYTHD, $2);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bool_pri IS TRUE_SYM %prec IS
-          { $$= new (YYTHD->mem_root) Item_func_istrue($1); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_istrue($1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bool_pri IS not TRUE_SYM %prec IS
-          { $$= new (YYTHD->mem_root) Item_func_isnottrue($1); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_isnottrue($1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bool_pri IS FALSE_SYM %prec IS
-          { $$= new (YYTHD->mem_root) Item_func_isfalse($1); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_isfalse($1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bool_pri IS not FALSE_SYM %prec IS
-          { $$= new (YYTHD->mem_root) Item_func_isnotfalse($1); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_isnotfalse($1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bool_pri IS UNKNOWN_SYM %prec IS
-          { $$= new Item_func_isnull($1); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_isnull($1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bool_pri IS not UNKNOWN_SYM %prec IS
-          { $$= new Item_func_isnotnull($1); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_isnotnull($1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bool_pri
         ;
 
 bool_pri:
           bool_pri IS NULL_SYM %prec IS
-          { $$= new Item_func_isnull($1); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_isnull($1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bool_pri IS not NULL_SYM %prec IS
-          { $$= new Item_func_isnotnull($1); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_isnotnull($1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bool_pri EQUAL_SYM predicate %prec EQUAL_SYM
-          { $$= new Item_func_equal($1,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_equal($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bool_pri comp_op predicate %prec EQ
-          { $$= (*$2)(0)->create($1,$3); }
+          {
+            $$= (*$2)(0)->create($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bool_pri comp_op all_or_any '(' subselect ')' %prec EQ
-          { $$= all_any_subquery_creator($1, $2, $3, $5); }
+          {
+            $$= all_any_subquery_creator($1, $2, $3, $5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | predicate
         ;
 
@@ -7005,87 +7097,190 @@ predicate:
           bit_expr IN_SYM '(' subselect ')'
           {
             $$= new (YYTHD->mem_root) Item_in_subselect($1, $4);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | bit_expr not IN_SYM '(' subselect ')'
           {
             THD *thd= YYTHD;
             Item *item= new (thd->mem_root) Item_in_subselect($1, $5);
+            if (item == NULL)
+              MYSQL_YYABORT;
             $$= negate_expression(thd, item);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | bit_expr IN_SYM '(' expr ')'
           {
             $$= handle_sql2003_note184_exception(YYTHD, $1, true, $4);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | bit_expr IN_SYM '(' expr ',' expr_list ')'
           { 
             $6->push_front($4);
             $6->push_front($1);
             $$= new (YYTHD->mem_root) Item_func_in(*$6);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | bit_expr not IN_SYM '(' expr ')'
           {
             $$= handle_sql2003_note184_exception(YYTHD, $1, false, $5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | bit_expr not IN_SYM '(' expr ',' expr_list ')'
           {
             $7->push_front($5);
             $7->push_front($1);
             Item_func_in *item = new (YYTHD->mem_root) Item_func_in(*$7);
+            if (item == NULL)
+              MYSQL_YYABORT;
             item->negate();
             $$= item;
           }
         | bit_expr BETWEEN_SYM bit_expr AND_SYM predicate
-          { $$= new Item_func_between($1,$3,$5); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_between($1,$3,$5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr not BETWEEN_SYM bit_expr AND_SYM predicate
           {
-            Item_func_between *item= new Item_func_between($1,$4,$6);
+            Item_func_between *item;
+            item= new (YYTHD->mem_root) Item_func_between($1,$4,$6);
+            if (item == NULL)
+              MYSQL_YYABORT;
             item->negate();
             $$= item;
           }
         | bit_expr SOUNDS_SYM LIKE bit_expr
           {
-            $$= new Item_func_eq(new Item_func_soundex($1),
-                                 new Item_func_soundex($4));
+            Item *item1= new (YYTHD->mem_root) Item_func_soundex($1);
+            Item *item4= new (YYTHD->mem_root) Item_func_soundex($4);
+            if ((item1 == NULL) || (item4 == NULL))
+              MYSQL_YYABORT;
+            $$= new (YYTHD->mem_root) Item_func_eq(item1, item4);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | bit_expr LIKE simple_expr opt_escape
-          { $$= new Item_func_like($1,$3,$4,Lex->escape_used); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_like($1,$3,$4,Lex->escape_used);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr not LIKE simple_expr opt_escape
-          { $$= new Item_func_not(new Item_func_like($1,$4,$5, Lex->escape_used)); }
-        | bit_expr REGEXP bit_expr { $$= new Item_func_regex($1,$3); }
+          {
+            Item *item= new (YYTHD->mem_root) Item_func_like($1,$4,$5,
+                                                             Lex->escape_used);
+            if (item == NULL)
+              MYSQL_YYABORT;
+            $$= new (YYTHD->mem_root) Item_func_not(item);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
+        | bit_expr REGEXP bit_expr
+          {
+            $$= new (YYTHD->mem_root) Item_func_regex($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr not REGEXP bit_expr
-          { $$= negate_expression(YYTHD, new Item_func_regex($1,$4)); }
+          {
+            $$= negate_expression(YYTHD, new Item_func_regex($1,$4));
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr
         ;
 
 bit_expr:
           bit_expr '|' bit_expr %prec '|'
-          { $$= new Item_func_bit_or($1,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_bit_or($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr '&' bit_expr %prec '&'
-          { $$= new Item_func_bit_and($1,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_bit_and($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr SHIFT_LEFT bit_expr %prec SHIFT_LEFT
-          { $$= new Item_func_shift_left($1,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_shift_left($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr SHIFT_RIGHT bit_expr %prec SHIFT_RIGHT
-          { $$= new Item_func_shift_right($1,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_shift_right($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr '+' bit_expr %prec '+'
-          { $$= new Item_func_plus($1,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_plus($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr '-' bit_expr %prec '-'
-          { $$= new Item_func_minus($1,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_minus($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr '+' INTERVAL_SYM expr interval %prec '+'
-          { $$= new Item_date_add_interval($1,$4,$5,0); }
+          {
+            $$= new (YYTHD->mem_root) Item_date_add_interval($1,$4,$5,0);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr '-' INTERVAL_SYM expr interval %prec '-'
-          { $$= new Item_date_add_interval($1,$4,$5,1); }
+          {
+            $$= new (YYTHD->mem_root) Item_date_add_interval($1,$4,$5,1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr '*' bit_expr %prec '*'
-          { $$= new Item_func_mul($1,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_mul($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr '/' bit_expr %prec '/'
-          { $$= new Item_func_div($1,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_div($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr '%' bit_expr %prec '%'
-          { $$= new Item_func_mod($1,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_mod($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr DIV_SYM bit_expr %prec DIV_SYM
-          { $$= new Item_func_int_div($1,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_int_div($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr MOD_SYM bit_expr %prec MOD_SYM
-          { $$= new Item_func_mod($1,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_mod($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | bit_expr '^' bit_expr
-          { $$= new Item_func_bit_xor($1,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_bit_xor($1,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | simple_expr
         ;
 
@@ -7135,45 +7330,80 @@ simple_expr:
             Item *i1= new (thd->mem_root) Item_string($3.str,
                                                       $3.length,
                                                       thd->charset());
+            if (i1 == NULL)
+              MYSQL_YYABORT;
             $$= new (thd->mem_root) Item_func_set_collation($1, i1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | literal
         | param_marker
         | variable
         | sum_expr
         | simple_expr OR_OR_SYM simple_expr
-          { $$= new (YYTHD->mem_root) Item_func_concat($1, $3); }
-        | '+' simple_expr %prec NEG { $$= $2; }
+          {
+            $$= new (YYTHD->mem_root) Item_func_concat($1, $3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
+        | '+' simple_expr %prec NEG
+          {
+            $$= $2;
+          }
         | '-' simple_expr %prec NEG
-          { $$= new (YYTHD->mem_root) Item_func_neg($2); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_neg($2);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | '~' simple_expr %prec NEG
-          { $$= new (YYTHD->mem_root) Item_func_bit_neg($2); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_bit_neg($2);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | not2 simple_expr %prec NEG
-          { $$= negate_expression(YYTHD, $2); }
+          {
+            $$= negate_expression(YYTHD, $2);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | '(' subselect ')'
           { 
             $$= new (YYTHD->mem_root) Item_singlerow_subselect($2);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
-        | '(' expr ')' { $$= $2; }
+        | '(' expr ')'
+          { $$= $2; }
         | '(' expr ',' expr_list ')'
           {
             $4->push_front($2);
             $$= new (YYTHD->mem_root) Item_row(*$4);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | ROW_SYM '(' expr ',' expr_list ')'
           {
             $5->push_front($3);
             $$= new (YYTHD->mem_root) Item_row(*$5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | EXISTS '(' subselect ')'
           {
             $$= new (YYTHD->mem_root) Item_exists_subselect($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
-        | '{' ident expr '}' { $$= $3; }
+        | '{' ident expr '}'
+          { $$= $3; }
         | MATCH ident_list_arg AGAINST '(' bit_expr fulltext_options ')'
           {
             $2->push_front($5);
             Item_func_match *i1= new (YYTHD->mem_root) Item_func_match(*$2, $6);
+            if (i1 == NULL)
+              MYSQL_YYABORT;
             Select->add_ftfunc_to_list(i1);
             $$= i1;
           }
@@ -7181,26 +7411,36 @@ simple_expr:
           {
             $$= create_func_cast(YYTHD, $2, ITEM_CAST_CHAR, NULL, NULL,
                                  &my_charset_bin);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | CAST_SYM '(' expr AS cast_type ')'
           {
             LEX *lex= Lex;
             $$= create_func_cast(YYTHD, $3, $5, lex->length, lex->dec,
                                  lex->charset);
-            if (!$$)
+            if ($$ == NULL)
               MYSQL_YYABORT;
           }
         | CASE_SYM opt_expr when_list opt_else END
-          { $$= new (YYTHD->mem_root) Item_func_case(* $3, $2, $4 ); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_case(* $3, $2, $4 );
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | CONVERT_SYM '(' expr ',' cast_type ')'
           {
             $$= create_func_cast(YYTHD, $3, $5, Lex->length, Lex->dec,
                                  Lex->charset);
-            if (!$$)
+            if ($$ == NULL)
               MYSQL_YYABORT;
           }
         | CONVERT_SYM '(' expr USING charset_name ')'
-          { $$= new (YYTHD->mem_root) Item_func_conv_charset($3,$5); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_conv_charset($3,$5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | DEFAULT '(' simple_ident ')'
           {
             if ($3->is_splocal())
@@ -7212,15 +7452,23 @@ simple_expr:
             }
             $$= new (YYTHD->mem_root) Item_default_value(Lex->current_context(),
                                                          $3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | VALUES '(' simple_ident_nospvar ')'
           {
             $$= new (YYTHD->mem_root) Item_insert_value(Lex->current_context(),
                                                         $3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | INTERVAL_SYM expr interval '+' expr %prec INTERVAL_SYM
           /* we cannot put interval before - */
-          { $$= new (YYTHD->mem_root) Item_date_add_interval($5,$2,$3,0); }
+          {
+            $$= new (YYTHD->mem_root) Item_date_add_interval($5,$2,$3,0);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         ;
 
 /*
@@ -7231,31 +7479,63 @@ simple_expr:
 */
 function_call_keyword:
           CHAR_SYM '(' expr_list ')'
-          { $$= new (YYTHD->mem_root) Item_func_char(*$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_char(*$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | CHAR_SYM '(' expr_list USING charset_name ')'
-          { $$= new (YYTHD->mem_root) Item_func_char(*$3, $5); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_char(*$3, $5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | CURRENT_USER optional_braces
           {
             $$= new (YYTHD->mem_root) Item_func_current_user(Lex->current_context());
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             Lex->set_stmt_unsafe();
             Lex->safe_to_cache_query= 0;
           }
         | DATE_SYM '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_date_typecast($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_date_typecast($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | DAY_SYM '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_dayofmonth($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_dayofmonth($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | HOUR_SYM '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_hour($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_hour($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | INSERT '(' expr ',' expr ',' expr ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_insert($3,$5,$7,$9); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_insert($3,$5,$7,$9);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | INTERVAL_SYM '(' expr ',' expr ')' %prec INTERVAL_SYM
           {
             THD *thd= YYTHD;
             List<Item> *list= new (thd->mem_root) List<Item>;
+            if (list == NULL)
+              MYSQL_YYABORT;
             list->push_front($5);
             list->push_front($3);
             Item_row *item= new (thd->mem_root) Item_row(*list);
+            if (item == NULL)
+              MYSQL_YYABORT;
             $$= new (thd->mem_root) Item_func_interval(item);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | INTERVAL_SYM '(' expr ',' expr ',' expr_list ')' %prec INTERVAL_SYM
           {
@@ -7263,48 +7543,120 @@ function_call_keyword:
             $7->push_front($5);
             $7->push_front($3);
             Item_row *item= new (thd->mem_root) Item_row(*$7);
+            if (item == NULL)
+              MYSQL_YYABORT;
             $$= new (thd->mem_root) Item_func_interval(item);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | LEFT '(' expr ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_left($3,$5); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_left($3,$5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | MINUTE_SYM '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_minute($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_minute($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | MONTH_SYM '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_month($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_month($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | RIGHT '(' expr ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_right($3,$5); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_right($3,$5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | SECOND_SYM '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_second($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_second($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | TIME_SYM '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_time_typecast($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_time_typecast($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | TIMESTAMP '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_datetime_typecast($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_datetime_typecast($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | TIMESTAMP '(' expr ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_add_time($3, $5, 1, 0); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_add_time($3, $5, 1, 0);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | TRIM '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_trim($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_trim($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | TRIM '(' LEADING expr FROM expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_ltrim($6,$4); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_ltrim($6,$4);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | TRIM '(' TRAILING expr FROM expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_rtrim($6,$4); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_rtrim($6,$4);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | TRIM '(' BOTH expr FROM expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_trim($6,$4); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_trim($6,$4);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | TRIM '(' LEADING FROM expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_ltrim($5); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_ltrim($5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | TRIM '(' TRAILING FROM expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_rtrim($5); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_rtrim($5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | TRIM '(' BOTH FROM expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_trim($5); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_trim($5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | TRIM '(' expr FROM expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_trim($5,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_trim($5,$3);
+          }
         | USER '(' ')'
           {
             $$= new (YYTHD->mem_root) Item_func_user();
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             Lex->set_stmt_unsafe();
             Lex->safe_to_cache_query=0;
           }
         | YEAR_SYM '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_year($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_year($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         ;
 
 /*
@@ -7324,65 +7676,127 @@ function_call_nonkeyword:
           {
             $$= new (YYTHD->mem_root) Item_date_add_interval($3, $5,
                                                              INTERVAL_DAY, 0);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | ADDDATE_SYM '(' expr ',' INTERVAL_SYM expr interval ')'
-          { $$= new (YYTHD->mem_root) Item_date_add_interval($3, $6, $7, 0); }
+          {
+            $$= new (YYTHD->mem_root) Item_date_add_interval($3, $6, $7, 0);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | CURDATE optional_braces
           {
             $$= new (YYTHD->mem_root) Item_func_curdate_local();
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             Lex->safe_to_cache_query=0;
           }
         | CURTIME optional_braces
           {
             $$= new (YYTHD->mem_root) Item_func_curtime_local();
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             Lex->safe_to_cache_query=0;
           }
         | CURTIME '(' expr ')'
           {
             $$= new (YYTHD->mem_root) Item_func_curtime_local($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             Lex->safe_to_cache_query=0;
           }
-        | DATE_ADD_INTERVAL '(' expr ',' INTERVAL_SYM expr interval ')' %prec INTERVAL_SYM
-          { $$= new (YYTHD->mem_root) Item_date_add_interval($3,$6,$7,0); }
-        | DATE_SUB_INTERVAL '(' expr ',' INTERVAL_SYM expr interval ')' %prec INTERVAL_SYM
-          { $$= new (YYTHD->mem_root) Item_date_add_interval($3,$6,$7,1); }
+        | DATE_ADD_INTERVAL '(' expr ',' INTERVAL_SYM expr interval ')'
+          %prec INTERVAL_SYM
+          {
+            $$= new (YYTHD->mem_root) Item_date_add_interval($3,$6,$7,0);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
+        | DATE_SUB_INTERVAL '(' expr ',' INTERVAL_SYM expr interval ')'
+          %prec INTERVAL_SYM
+          {
+            $$= new (YYTHD->mem_root) Item_date_add_interval($3,$6,$7,1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | EXTRACT_SYM '(' interval FROM expr ')'
-          { $$=new (YYTHD->mem_root) Item_extract( $3, $5); }
+          {
+            $$=new (YYTHD->mem_root) Item_extract( $3, $5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | GET_FORMAT '(' date_time_type  ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_get_format($3, $5); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_get_format($3, $5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | NOW_SYM optional_braces
           {
             $$= new (YYTHD->mem_root) Item_func_now_local();
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             Lex->safe_to_cache_query=0;
           }
         | NOW_SYM '(' expr ')'
           {
             $$= new (YYTHD->mem_root) Item_func_now_local($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             Lex->safe_to_cache_query=0;
           }
         | POSITION_SYM '(' bit_expr IN_SYM expr ')'
-          { $$ = new (YYTHD->mem_root) Item_func_locate($5,$3); }
+          {
+            $$ = new (YYTHD->mem_root) Item_func_locate($5,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | SUBDATE_SYM '(' expr ',' expr ')'
           {
             $$= new (YYTHD->mem_root) Item_date_add_interval($3, $5,
                                                              INTERVAL_DAY, 1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | SUBDATE_SYM '(' expr ',' INTERVAL_SYM expr interval ')'
-          { $$= new (YYTHD->mem_root) Item_date_add_interval($3, $6, $7, 1); }
+          {
+            $$= new (YYTHD->mem_root) Item_date_add_interval($3, $6, $7, 1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | SUBSTRING '(' expr ',' expr ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_substr($3,$5,$7); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_substr($3,$5,$7);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | SUBSTRING '(' expr ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_substr($3,$5); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_substr($3,$5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | SUBSTRING '(' expr FROM expr FOR_SYM expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_substr($3,$5,$7); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_substr($3,$5,$7);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | SUBSTRING '(' expr FROM expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_substr($3,$5); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_substr($3,$5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | SYSDATE optional_braces
           {
             if (global_system_variables.sysdate_is_now == 0)
               $$= new (YYTHD->mem_root) Item_func_sysdate_local();
             else
               $$= new (YYTHD->mem_root) Item_func_now_local();
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             Lex->safe_to_cache_query=0;
           }
         | SYSDATE '(' expr ')'
@@ -7391,15 +7805,27 @@ function_call_nonkeyword:
               $$= new (YYTHD->mem_root) Item_func_sysdate_local($3);
             else
               $$= new (YYTHD->mem_root) Item_func_now_local($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             Lex->safe_to_cache_query=0;
           }
         | TIMESTAMP_ADD '(' interval_time_stamp ',' expr ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_date_add_interval($7,$5,$3,0); }
+          {
+            $$= new (YYTHD->mem_root) Item_date_add_interval($7,$5,$3,0);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | TIMESTAMP_DIFF '(' interval_time_stamp ',' expr ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_timestamp_diff($5,$7,$3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_timestamp_diff($5,$7,$3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | UTC_DATE_SYM optional_braces
           {
             $$= new (YYTHD->mem_root) Item_func_curdate_utc();
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             Lex->safe_to_cache_query=0;
           }
         | UTC_TIME_SYM optional_braces
@@ -7410,6 +7836,8 @@ function_call_nonkeyword:
         | UTC_TIMESTAMP_SYM optional_braces
           {
             $$= new (YYTHD->mem_root) Item_func_now_utc();
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             Lex->safe_to_cache_query=0;
           }
         ;
@@ -7421,26 +7849,42 @@ function_call_nonkeyword:
 */
 function_call_conflict:
           ASCII_SYM '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_ascii($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_ascii($3);
+          }
         | CHARSET '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_charset($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_charset($3);
+          }
         | COALESCE '(' expr_list ')'
-          { $$= new (YYTHD->mem_root) Item_func_coalesce(* $3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_coalesce(* $3);
+          }
         | COLLATION_SYM '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_collation($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_collation($3);
+          }
         | DATABASE '(' ')'
           {
             $$= new (YYTHD->mem_root) Item_func_database();
             Lex->safe_to_cache_query=0;
           }
         | IF '(' expr ',' expr ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_if($3,$5,$7); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_if($3,$5,$7);
+          }
         | MICROSECOND_SYM '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_microsecond($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_microsecond($3);
+          }
         | MOD_SYM '(' expr ',' expr ')'
-          { $$ = new (YYTHD->mem_root) Item_func_mod( $3, $5); }
+          {
+            $$ = new (YYTHD->mem_root) Item_func_mod($3, $5);
+          }
         | OLD_PASSWORD '(' expr ')'
-          { $$=  new (YYTHD->mem_root) Item_func_old_password($3); }
+          {
+            $$=  new (YYTHD->mem_root) Item_func_old_password($3);
+          }
         | PASSWORD '(' expr ')'
           {
             THD *thd= YYTHD;
@@ -7452,15 +7896,25 @@ function_call_conflict:
             $$= i1;
           }
         | QUARTER_SYM '(' expr ')'
-          { $$ = new (YYTHD->mem_root) Item_func_quarter($3); }
+          {
+            $$ = new (YYTHD->mem_root) Item_func_quarter($3);
+          }
         | REPEAT_SYM '(' expr ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_repeat($3,$5); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_repeat($3,$5);
+          }
         | REPLACE '(' expr ',' expr ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_replace($3,$5,$7); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_replace($3,$5,$7);
+          }
         | REVERSE_SYM '(' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_reverse($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_reverse($3);
+          }
         | TRUNCATE_SYM '(' expr ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_round($3,$5,1); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_round($3,$5,1);
+          }
         | WEEK_SYM '(' expr ')'
           {
             THD *thd= YYTHD;
@@ -7471,9 +7925,13 @@ function_call_conflict:
             $$= new (thd->mem_root) Item_func_week($3, i1);
           }
         | WEEK_SYM '(' expr ',' expr ')'
-          { $$= new (YYTHD->mem_root) Item_func_week($3,$5); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_week($3,$5);
+          }
         | WEIGHT_STRING_SYM '(' expr opt_ws_levels ')'
-          { $$= new (YYTHD->mem_root) Item_func_weight_string($3, 0, 0, $4); }
+          {
+            $$= new (YYTHD->mem_root) Item_func_weight_string($3, 0, 0, $4);
+          }
         | WEIGHT_STRING_SYM '(' expr AS CHAR_SYM ws_nweights opt_ws_levels ')'
           {
             $$= new (YYTHD->mem_root)
@@ -7494,6 +7952,9 @@ function_call_conflict:
           {
 #ifdef HAVE_SPATIAL
             $$= $1;
+            /* $1 may be NULL, GEOM_NEW not tested for out of memory */
+            if ($$ == NULL)
+              MYSQL_YYABORT;
 #else
             my_error(ER_FEATURE_DISABLED, MYF(0),
                      sym_group_geom.name, sym_group_geom.needed_define);
@@ -7502,6 +7963,7 @@ function_call_conflict:
           }
         ;
 
+/* may return NULL */
 geometry_function:
           CONTAINS_SYM '(' expr ',' expr ')'
           {
@@ -7545,7 +8007,9 @@ geometry_function:
                            Geometry::wkb_polygon));
           }
         | POINT_SYM '(' expr ',' expr ')'
-          { $$= GEOM_NEW(YYTHD, Item_func_point($3,$5)); }
+          {
+            $$= GEOM_NEW(YYTHD, Item_func_point($3,$5));
+          }
         | POLYGON '(' expr_list ')'
           {
             $$= GEOM_NEW(YYTHD,
@@ -7690,6 +8154,8 @@ udf_expr_list:
           udf_expr
           {
             $$= new (YYTHD->mem_root) List<Item>;
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             $$->push_back($1);
           }
         | udf_expr_list ',' udf_expr
@@ -7721,50 +8187,125 @@ udf_expr:
 
 sum_expr:
           AVG_SYM '(' in_sum_expr ')'
-          { $$=new Item_sum_avg($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_avg($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | AVG_SYM '(' DISTINCT in_sum_expr ')'
-          { $$=new Item_sum_avg_distinct($4); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_avg_distinct($4);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | BIT_AND  '(' in_sum_expr ')'
-          { $$=new Item_sum_and($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_and($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | BIT_OR  '(' in_sum_expr ')'
-          { $$=new Item_sum_or($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_or($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | BIT_XOR  '(' in_sum_expr ')'
-          { $$=new Item_sum_xor($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_xor($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | COUNT_SYM '(' opt_all '*' ')'
-          { $$=new Item_sum_count(new Item_int((int32) 0L,1)); }
+          {
+            Item *item= new (YYTHD->mem_root) Item_int((int32) 0L,1);
+            if (item == NULL)
+              MYSQL_YYABORT;
+            $$= new Item_sum_count(item);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | COUNT_SYM '(' in_sum_expr ')'
-          { $$=new Item_sum_count($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_count($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | COUNT_SYM '(' DISTINCT
           { Select->in_sum_expr++; }
           expr_list
           { Select->in_sum_expr--; }
           ')'
-          { $$=new Item_sum_count_distinct(* $5); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_count_distinct(* $5);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | MIN_SYM '(' in_sum_expr ')'
-          { $$=new Item_sum_min($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_min($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         /*
           According to ANSI SQL, DISTINCT is allowed and has
           no sense inside MIN and MAX grouping functions; so MIN|MAX(DISTINCT ...)
           is processed like an ordinary MIN | MAX()
         */
         | MIN_SYM '(' DISTINCT in_sum_expr ')'
-          { $$=new Item_sum_min($4); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_min($4);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | MAX_SYM '(' in_sum_expr ')'
-          { $$=new Item_sum_max($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_max($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | MAX_SYM '(' DISTINCT in_sum_expr ')'
-          { $$=new Item_sum_max($4); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_max($4);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | STD_SYM '(' in_sum_expr ')'
-          { $$=new Item_sum_std($3, 0); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_std($3, 0);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | VARIANCE_SYM '(' in_sum_expr ')'
-          { $$=new Item_sum_variance($3, 0); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_variance($3, 0);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | STDDEV_SAMP_SYM '(' in_sum_expr ')'
-          { $$=new Item_sum_std($3, 1); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_std($3, 1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | VAR_SAMP_SYM '(' in_sum_expr ')'
-          { $$=new Item_sum_variance($3, 1); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_variance($3, 1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | SUM_SYM '(' in_sum_expr ')'
-          { $$=new Item_sum_sum($3); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_sum($3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | SUM_SYM '(' DISTINCT in_sum_expr ')'
-          { $$=new Item_sum_sum_distinct($4); }
+          {
+            $$= new (YYTHD->mem_root) Item_sum_sum_distinct($4);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | GROUP_CONCAT_SYM '(' opt_distinct
           { Select->in_sum_expr++; }
           expr_list opt_gorder_clause
@@ -7773,8 +8314,11 @@ sum_expr:
           {
             SELECT_LEX *sel= Select;
             sel->in_sum_expr--;
-            $$=new Item_func_group_concat(Lex->current_context(), $3, $5,
-                                          sel->gorder_list, $7);
+            $$= new (YYTHD->mem_root)
+                  Item_func_group_concat(Lex->current_context(), $3, $5,
+                                         sel->gorder_list, $7);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             $5->empty();
           }
         ;
@@ -7797,13 +8341,17 @@ variable:
 variable_aux:
           ident_or_text SET_VAR expr
           {
-            $$= new Item_func_set_user_var($1, $3);
+            $$= new (YYTHD->mem_root) Item_func_set_user_var($1, $3);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             LEX *lex= Lex;
             lex->uncacheable(UNCACHEABLE_RAND);
           }
         | ident_or_text
           {
-            $$= new Item_func_get_user_var($1);
+            $$= new (YYTHD->mem_root) Item_func_get_user_var($1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             LEX *lex= Lex;
             lex->uncacheable(UNCACHEABLE_RAND);
           }
@@ -7829,9 +8377,11 @@ opt_distinct:
 
 opt_gconcat_separator:
           /* empty */
-            {
-              $$= new (YYTHD->mem_root) String(",", 1, &my_charset_latin1);
-            }
+          {
+            $$= new (YYTHD->mem_root) String(",", 1, &my_charset_latin1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | SEPARATOR_SYM text_string { $$ = $2; }
         ;
 
@@ -7846,6 +8396,8 @@ opt_gorder_clause:
             select->gorder_list=
               (SQL_LIST*) sql_memdup((char*) &select->order_list,
                                      sizeof(st_sql_list));
+            if (select->gorder_list == NULL)
+              MYSQL_YYABORT;
             select->order_list.empty();
           }
         ;
@@ -7901,6 +8453,8 @@ expr_list:
           expr
           {
             $$= new (YYTHD->mem_root) List<Item>;
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             $$->push_back($1);
           }
         | expr_list ',' expr
@@ -7919,6 +8473,8 @@ ident_list:
           simple_ident
           {
             $$= new (YYTHD->mem_root) List<Item>;
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             $$->push_back($1);
           }
         | ident_list ',' simple_ident
@@ -7942,6 +8498,8 @@ when_list:
           WHEN_SYM expr THEN_SYM expr
           {
             $$= new List<Item>;
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             $$->push_back($2);
             $$->push_back($4);
           }
@@ -8444,15 +9002,21 @@ using_list:
           {
             if (!($$= new List<String>))
               MYSQL_YYABORT;
-            $$->push_back(new (YYTHD->mem_root)
-                              String((const char *) $1.str, $1.length,
-                                      system_charset_info));
+            String *s= new (YYTHD->mem_root) String((const char *) $1.str,
+                                                    $1.length,
+                                                    system_charset_info);
+            if (s == NULL)
+              MYSQL_YYABORT;
+            $$->push_back(s);
           }
         | using_list ',' ident
           {
-            $1->push_back(new (YYTHD->mem_root)
-                              String((const char *) $3.str, $3.length,
-                                      system_charset_info));
+            String *s= new (YYTHD->mem_root) String((const char *) $3.str,
+                                                    $3.length,
+                                                    system_charset_info);
+            if (s == NULL)
+              MYSQL_YYABORT;
+            $1->push_back(s);
             $$= $1;
           }
         ;
@@ -8520,7 +9084,11 @@ table_alias:
 opt_table_alias:
           /* empty */ { $$=0; }
         | table_alias ident
-          { $$= (LEX_STRING*) sql_memdup(&$2,sizeof(LEX_STRING)); }
+          {
+            $$= (LEX_STRING*) sql_memdup(&$2,sizeof(LEX_STRING));
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         ;
 
 opt_all:
@@ -8568,10 +9136,13 @@ opt_escape:
           }
         | /* empty */
           {
+            THD *thd= YYTHD;
             Lex->escape_used= FALSE;
-            $$= ((YYTHD->variables.sql_mode & MODE_NO_BACKSLASH_ESCAPES) ?
-                 new Item_string("", 0, &my_charset_latin1) :
-                 new Item_string("\\", 1, &my_charset_latin1));
+            $$= ((thd->variables.sql_mode & MODE_NO_BACKSLASH_ESCAPES) ?
+                 new (thd->mem_root) Item_string("", 0, &my_charset_latin1) :
+                 new (thd->mem_root) Item_string("\\", 1, &my_charset_latin1));
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         ;
 
@@ -8758,13 +9329,28 @@ limit_options:
         ;
 
 limit_option:
-        param_marker
-        {
-          ((Item_param *) $1)->limit_clause_param= TRUE;
-        }
-        | ULONGLONG_NUM { $$= new Item_uint($1.str, $1.length); }
-        | LONG_NUM      { $$= new Item_uint($1.str, $1.length); }
-        | NUM           { $$= new Item_uint($1.str, $1.length); }
+          param_marker
+          {
+            ((Item_param *) $1)->limit_clause_param= TRUE;
+          }
+        | ULONGLONG_NUM
+          {
+            $$= new (YYTHD->mem_root) Item_uint($1.str, $1.length);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
+        | LONG_NUM
+          {
+            $$= new (YYTHD->mem_root) Item_uint($1.str, $1.length);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
+        | NUM
+          {
+            $$= new (YYTHD->mem_root) Item_uint($1.str, $1.length);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         ;
 
 delete_limit_clause:
@@ -8848,10 +9434,12 @@ procedure_clause:
             lex->proc_list.elements=0;
             lex->proc_list.first=0;
             lex->proc_list.next= (uchar**) &lex->proc_list.first;
-            if (add_proc_to_list(lex->thd, new Item_field(&lex->
-                                                          current_select->
-                                                          context,
-                                                          NULL,NULL,$2.str)))
+            Item_field *item= new (YYTHD->mem_root)
+                                Item_field(&lex->current_select->context,
+                                           NULL, NULL, $2.str);
+            if (item == NULL)
+              MYSQL_YYABORT;
+            if (add_proc_to_list(lex->thd, item))
               MYSQL_YYABORT;
             Lex->uncacheable(UNCACHEABLE_SIDEEFFECT);
           }
@@ -8900,13 +9488,20 @@ select_var_ident:  
           {
             LEX *lex=Lex;
             if (lex->result) 
-              ((select_dumpvar *)lex->result)->var_list.push_back( new my_var($2,0,0,(enum_field_types)0));
+            {
+              my_var *var= new my_var($2,0,0,(enum_field_types)0);
+              if (var == NULL)
+                MYSQL_YYABORT;
+              ((select_dumpvar *)lex->result)->var_list.push_back(var);
+            }
             else
+            {
               /*
                 The parser won't create select_result instance only
                 if it's an EXPLAIN.
               */
               DBUG_ASSERT(lex->describe);
+            }
           }
         | ident_or_text
           {
@@ -8920,12 +9515,12 @@ select_var_ident:  
             }
             if (lex->result)
             {
-              my_var *var;
-              ((select_dumpvar *)lex->result)->
-                var_list.push_back(var= new my_var($1,1,t->offset,t->type));
+              my_var *var= new my_var($1,1,t->offset,t->type);
+              if (var == NULL)
+                MYSQL_YYABORT;
+              ((select_dumpvar *)lex->result)->var_list.push_back(var);
 #ifndef DBUG_OFF
-              if (var)
-                var->sp= lex->sphead;
+              var->sp= lex->sphead;
 #endif
             }
             else
@@ -9011,12 +9606,14 @@ drop:
         | DROP build_method INDEX_SYM ident ON table_ident {}
           {
             LEX *lex=Lex;
+            Alter_drop *ad= new Alter_drop(Alter_drop::KEY, $4.str);
+            if (ad == NULL)
+              MYSQL_YYABORT;
             lex->sql_command= SQLCOM_DROP_INDEX;
             lex->alter_info.reset();
             lex->alter_info.flags= ALTER_DROP_INDEX;
             lex->alter_info.build_method= $2;
-            lex->alter_info.drop_list.push_back(new Alter_drop(Alter_drop::KEY,
-                                                               $4.str));
+            lex->alter_info.drop_list.push_back(ad);
             if (!lex->current_select->add_table_to_list(lex->thd, $6, NULL,
                                                         TL_OPTION_UPDATING))
               MYSQL_YYABORT;
@@ -9041,6 +9638,8 @@ drop:
             lex->sql_command = SQLCOM_DROP_FUNCTION;
             lex->drop_if_exists= $3;
             spname= new sp_name($4, $6, true);
+            if (spname == NULL)
+              MYSQL_YYABORT;
             spname->init_qname(thd);
             lex->spname= spname;
           }
@@ -9060,6 +9659,8 @@ drop:
             lex->sql_command = SQLCOM_DROP_FUNCTION;
             lex->drop_if_exists= $3;
             spname= new sp_name(db, $4, false);
+            if (spname == NULL)
+              MYSQL_YYABORT;
             spname->init_qname(thd);
             lex->spname= spname;
           }
@@ -9327,7 +9928,12 @@ values:
 
 expr_or_default:
           expr { $$= $1;}
-        | DEFAULT {$$= new Item_default_value(Lex->current_context()); }
+        | DEFAULT
+          {
+            $$= new (YYTHD->mem_root) Item_default_value(Lex->current_context());
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         ;
 
 opt_insert_update:
@@ -9451,7 +10057,11 @@ table_wild_list:
 table_wild_one:
           ident opt_wild
           {
-            if (!Select->add_table_to_list(YYTHD, new Table_ident($1),
+            Table_ident *ti= new Table_ident($1);
+            if (ti == NULL)
+              MYSQL_YYABORT;
+            if (!Select->add_table_to_list(YYTHD,
+                                           ti,
                                            NULL,
                                            TL_OPTION_UPDATING | TL_OPTION_ALIAS,
                                            Lex->lock_option))
@@ -9459,8 +10069,11 @@ table_wild_one:
           }
         | ident '.' ident opt_wild
           {
+            Table_ident *ti= new Table_ident(YYTHD, $1, $3, 0);
+            if (ti == NULL)
+              MYSQL_YYABORT;
             if (!Select->add_table_to_list(YYTHD,
-                                           new Table_ident(YYTHD, $1, $3, 0),
+                                           ti,
                                            NULL,
                                            TL_OPTION_UPDATING | TL_OPTION_ALIAS,
                                            Lex->lock_option))
@@ -9897,6 +10510,8 @@ wild_and_where:
           {
             Lex->wild= new (YYTHD->mem_root) String($2.str, $2.length,
                                                     system_charset_info);
+            if (Lex->wild == NULL)
+              MYSQL_YYABORT;
           }
         | WHERE expr
           {
@@ -9949,6 +10564,8 @@ opt_describe_column:
             Lex->wild= new (YYTHD->mem_root) String((const char*) $1.str,
                                                     $1.length,
                                                     system_charset_info);
+            if (Lex->wild == NULL)
+              MYSQL_YYABORT;
           }
         ;
 
@@ -10258,7 +10875,11 @@ fields_or_vars:
 field_or_var:
           simple_ident_nospvar {$$= $1;}
         | '@' ident_or_text
-          { $$= new Item_user_var_as_out_param($2); }
+          {
+            $$= new (YYTHD->mem_root) Item_user_var_as_out_param($2);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         ;
 
 opt_load_data_set_spec:
@@ -10284,20 +10905,30 @@ text_literal:
               tmp= $1;
             else
               thd->convert_string(&tmp, cs_con, $1.str, $1.length, cs_cli);
-            $$= new Item_string(tmp.str, tmp.length, cs_con,
-                                DERIVATION_COERCIBLE, repertoire);
+            $$= new (thd->mem_root) Item_string(tmp.str, tmp.length, cs_con,
+                                                DERIVATION_COERCIBLE,
+                                                repertoire);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | NCHAR_STRING
           {
             uint repertoire= Lex->text_string_is_7bit ?
                              MY_REPERTOIRE_ASCII : MY_REPERTOIRE_UNICODE30;
             DBUG_ASSERT(my_charset_is_ascii_based(national_charset_info));
-            $$= new Item_string($1.str, $1.length, national_charset_info,
-                                DERIVATION_COERCIBLE, repertoire);
+            $$= new (YYTHD->mem_root) Item_string($1.str, $1.length,
+                                                  national_charset_info,
+                                                  DERIVATION_COERCIBLE,
+                                                  repertoire);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | UNDERSCORE_CHARSET TEXT_STRING
           {
-            Item_string *str= new Item_string($2.str, $2.length, $1);
+            Item_string *str= new (YYTHD->mem_root) Item_string($2.str,
+                                                                $2.length, $1);
+            if (str == NULL)
+              MYSQL_YYABORT;
             str->set_repertoire_from_value();
             str->set_cs_specified(TRUE);
 
@@ -10327,27 +10958,30 @@ text_string:
             $$= new (YYTHD->mem_root) String($1.str,
                                              $1.length,
                                              YYTHD->variables.collation_connection);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | HEX_NUM
           {
-            Item *tmp= new Item_hex_string($1.str, $1.length);
+            Item *tmp= new (YYTHD->mem_root) Item_hex_string($1.str, $1.length);
+            if (tmp == NULL)
+              MYSQL_YYABORT;
             /*
               it is OK only emulate fix_fields, because we need only
               value of constant
             */
-            $$= tmp ?
-              tmp->quick_fix_field(), tmp->val_str((String*) 0) :
-              (String*) 0;
+            tmp->quick_fix_field();
+            $$= tmp->val_str((String*) 0);
           }
         | BIN_NUM
           {
-            Item *tmp= new Item_bin_string($1.str, $1.length);
+            Item *tmp= new (YYTHD->mem_root) Item_bin_string($1.str, $1.length);
             /*
               it is OK only emulate fix_fields, because we need only
               value of constant
             */
-            $$= tmp ? tmp->quick_fix_field(), tmp->val_str((String*) 0) :
-              (String*) 0;
+            tmp->quick_fix_field();
+            $$= tmp->val_str((String*) 0);
           }
         ;
 
@@ -10363,7 +10997,7 @@ param_marker:
               my_error(ER_VIEW_SELECT_VARIABLE, MYF(0));
               MYSQL_YYABORT;
             }
-            item= new Item_param((uint) (lip->get_tok_start() - thd->query));
+            item= new (thd->mem_root) Item_param((uint) (lip->get_tok_start() - thd->query));
             if (!($$= item) || lex->param_list.push_back(item))
             {
               my_message(ER_OUT_OF_RESOURCES, ER(ER_OUT_OF_RESOURCES), MYF(0));
@@ -10387,29 +11021,53 @@ literal:
         | NUM_literal { $$ = $1; }
         | NULL_SYM
           {
-            $$ = new Item_null();
+            $$ = new (YYTHD->mem_root) Item_null();
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             YYLIP->next_state= MY_LEX_OPERATOR_OR_IDENT;
           }
-        | FALSE_SYM { $$= new Item_int((char*) "FALSE",0,1); }
-        | TRUE_SYM { $$= new Item_int((char*) "TRUE",1,1); }
-        | HEX_NUM { $$ = new Item_hex_string($1.str, $1.length);}
-        | BIN_NUM { $$= new Item_bin_string($1.str, $1.length); }
+        | FALSE_SYM
+          {
+            $$= new (YYTHD->mem_root) Item_int((char*) "FALSE",0,1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
+        | TRUE_SYM
+          {
+            $$= new (YYTHD->mem_root) Item_int((char*) "TRUE",1,1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
+        | HEX_NUM
+          {
+            $$ = new (YYTHD->mem_root) Item_hex_string($1.str, $1.length);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
+        | BIN_NUM
+          {
+            $$= new (YYTHD->mem_root) Item_bin_string($1.str, $1.length);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | UNDERSCORE_CHARSET HEX_NUM
           {
-            Item *tmp= new Item_hex_string($2.str, $2.length);
+            Item *tmp= new (YYTHD->mem_root) Item_hex_string($2.str, $2.length);
+            if (tmp == NULL)
+              MYSQL_YYABORT;
             /*
               it is OK only emulate fix_fieds, because we need only
               value of constant
             */
-            String *str= tmp ?
-              tmp->quick_fix_field(), tmp->val_str((String*) 0) :
-              (String*) 0;
-
-            Item_string *item_str=
-              new Item_string(NULL, /* name will be set in select_item */
-                              str ? str->ptr() : "",
-                              str ? str->length() : 0,
-                              $1);
+            tmp->quick_fix_field();
+            String *str= tmp->val_str((String*) 0);
+
+            Item_string *item_str;
+            item_str= new (YYTHD->mem_root)
+                        Item_string(NULL, /* name will be set in select_item */
+                                    str ? str->ptr() : "",
+                                    str ? str->length() : 0,
+                                    $1);
             if (!item_str ||
                 !item_str->check_well_formed_result(&item_str->str_value, TRUE))
             {
@@ -10423,20 +11081,22 @@ literal:
           }
         | UNDERSCORE_CHARSET BIN_NUM
           {
-            Item *tmp= new Item_bin_string($2.str, $2.length);
+            Item *tmp= new (YYTHD->mem_root) Item_bin_string($2.str, $2.length);
+            if (tmp == NULL)
+              MYSQL_YYABORT;
             /*
               it is OK only emulate fix_fieds, because we need only
               value of constant
             */
-            String *str= tmp ?
-              tmp->quick_fix_field(), tmp->val_str((String*) 0) :
-              (String*) 0;
-
-            Item_string *item_str=
-              new Item_string(NULL, /* name will be set in select_item */
-                              str ? str->ptr() : "",
-                              str ? str->length() : 0,
-                              $1);
+            tmp->quick_fix_field();
+            String *str= tmp->val_str((String*) 0);
+
+            Item_string *item_str;
+            item_str= new (YYTHD->mem_root)
+                        Item_string(NULL, /* name will be set in select_item */
+                                    str ? str->ptr() : "",
+                                    str ? str->length() : 0,
+                                    $1);
             if (!item_str ||
                 !item_str->check_well_formed_result(&item_str->str_value, TRUE))
             {
@@ -10456,27 +11116,42 @@ NUM_literal:
           NUM
           {
             int error;
-            $$ = new Item_int($1.str, (longlong) my_strtoll10($1.str, NULL, &error), $1.length);
+            $$= new (YYTHD->mem_root)
+                  Item_int($1.str,
+                           (longlong) my_strtoll10($1.str, NULL, &error),
+                           $1.length);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | LONG_NUM
           {
             int error;
-            $$ = new Item_int($1.str, (longlong) my_strtoll10($1.str, NULL, &error), $1.length);
+            $$= new (YYTHD->mem_root)
+                  Item_int($1.str,
+                           (longlong) my_strtoll10($1.str, NULL, &error),
+                           $1.length);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | ULONGLONG_NUM
-          { $$ = new Item_uint($1.str, $1.length); }
+          {
+            $$= new (YYTHD->mem_root) Item_uint($1.str, $1.length);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         | DECIMAL_NUM
           {
-            $$= new Item_decimal($1.str, $1.length, YYTHD->charset());
-            if (YYTHD->is_error())
+            $$= new (YYTHD->mem_root) Item_decimal($1.str, $1.length,
+                                                   YYTHD->charset());
+            if (($$ == NULL) || (YYTHD->is_error()))
             {
               MYSQL_YYABORT;
             }
           }
         | FLOAT_NUM
           {
-            $$ = new Item_float($1.str, $1.length);
-            if (YYTHD->is_error())
+            $$ = new (YYTHD->mem_root) Item_float($1.str, $1.length);
+            if (($$ == NULL) || (YYTHD->is_error()))
             {
               MYSQL_YYABORT;
             }
@@ -10496,15 +11171,23 @@ table_wild:
           ident '.' '*'
           {
             SELECT_LEX *sel= Select;
-            $$ = new Item_field(Lex->current_context(), NullS, $1.str, "*");
+            $$ = new (YYTHD->mem_root) Item_field(Lex->current_context(),
+                                                  NullS, $1.str, "*");
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             sel->with_wild++;
           }
         | ident '.' ident '.' '*'
           {
+            THD *thd= YYTHD;
             SELECT_LEX *sel= Select;
-            $$ = new Item_field(Lex->current_context(), (YYTHD->client_capabilities &
-                                CLIENT_NO_SCHEMA ? NullS : $1.str),
-                                $3.str,"*");
+            const char* schema= thd->client_capabilities & CLIENT_NO_SCHEMA ?
+                                  NullS : $1.str;
+            $$ = new (thd->mem_root) Item_field(Lex->current_context(),
+                                                schema,
+                                                $3.str,"*");
+            if ($$ == NULL)
+              MYSQL_YYABORT;
             sel->with_wild++;
           }
         ;
@@ -10531,24 +11214,35 @@ simple_ident:
               }
 
               Item_splocal *splocal;
-              splocal= new Item_splocal($1, spv->offset, spv->type,
-                                        lip->get_tok_start_prev() -
-                                        lex->sphead->m_tmp_query,
-                                        lip->get_tok_end() - lip->get_tok_start_prev());
+              splocal= new (thd->mem_root)
+                         Item_splocal($1,
+                                      spv->offset, spv->type,
+                                      lip->get_tok_start_prev() - lex->sphead->m_tmp_query,
+                                      lip->get_tok_end() - lip->get_tok_start_prev());
+              if (splocal == NULL)
+                MYSQL_YYABORT;
 #ifndef DBUG_OFF
-              if (splocal)
-                splocal->m_sp= lex->sphead;
+              splocal->m_sp= lex->sphead;
 #endif
-              $$ = (Item*) splocal;
+              $$= splocal;
               lex->safe_to_cache_query=0;
             }
             else
             {
-              SELECT_LEX *sel=Select;
-              $$= (sel->parsing_place != IN_HAVING ||
-                  sel->get_in_sum_expr() > 0) ?
-                  (Item*) new Item_field(Lex->current_context(), NullS, NullS, $1.str) :
-                  (Item*) new Item_ref(Lex->current_context(), NullS, NullS, $1.str);
+              SELECT_LEX *sel= Select;
+              if ((sel->parsing_place != IN_HAVING) ||
+                  (sel->get_in_sum_expr() > 0))
+              {
+                $$= new (thd->mem_root) Item_field(Lex->current_context(),
+                                                   NullS, NullS, $1.str);
+              }
+              else
+              {
+                $$= new (thd->mem_root) Item_ref(Lex->current_context(),
+                                                 NullS, NullS, $1.str);
+              }
+              if ($$ == NULL)
+                MYSQL_YYABORT;
             }
           }
         | simple_ident_q { $$= $1; }
@@ -10557,11 +11251,21 @@ simple_ident:
 simple_ident_nospvar:
           ident
           {
-            SELECT_LEX *sel=Select;
-            $$= (sel->parsing_place != IN_HAVING ||
-                sel->get_in_sum_expr() > 0) ?
-                (Item*) new Item_field(Lex->current_context(), NullS, NullS, $1.str) :
-                (Item*) new Item_ref(Lex->current_context(), NullS, NullS, $1.str);
+            THD *thd= YYTHD;
+            SELECT_LEX *sel= Select;
+            if ((sel->parsing_place != IN_HAVING) ||
+                (sel->get_in_sum_expr() > 0))
+            {
+              $$= new (thd->mem_root) Item_field(Lex->current_context(),
+                                                 NullS, NullS, $1.str);
+            }
+            else
+            {
+              $$= new (thd->mem_root) Item_ref(Lex->current_context(),
+                                               NullS, NullS, $1.str);
+            }
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | simple_ident_q { $$= $1; }
         ;
@@ -10603,13 +11307,16 @@ simple_ident_q:
                            lex->trg_chistics.event == TRG_EVENT_UPDATE));
               const bool read_only=
                 !(new_row && lex->trg_chistics.action_time == TRG_ACTION_BEFORE);
-              if (!(trg_fld= new Item_trigger_field(Lex->current_context(),
-                                                    new_row ?
-                                                    Item_trigger_field::NEW_ROW:
-                                                    Item_trigger_field::OLD_ROW,
-                                                    $3.str,
-                                                    SELECT_ACL,
-                                                    read_only)))
+
+              trg_fld= new (thd->mem_root)
+                         Item_trigger_field(Lex->current_context(),
+                                            new_row ?
+                                              Item_trigger_field::NEW_ROW:
+                                              Item_trigger_field::OLD_ROW,
+                                            $3.str,
+                                            SELECT_ACL,
+                                            read_only);
+              if (trg_fld == NULL)
                 MYSQL_YYABORT;
 
               /*
@@ -10619,7 +11326,7 @@ simple_ident_q:
               lex->trg_table_fields.link_in_list((uchar*) trg_fld,
                                                  (uchar**) &trg_fld->next_trg_field);
 
-              $$= (Item *)trg_fld;
+              $$= trg_fld;
             }
             else
             {
@@ -10629,10 +11336,19 @@ simple_ident_q:
                 my_error(ER_TABLENAME_NOT_ALLOWED_HERE,
                          MYF(0), $1.str, thd->where);
               }
-              $$= (sel->parsing_place != IN_HAVING ||
-                  sel->get_in_sum_expr() > 0) ?
-                  (Item*) new Item_field(Lex->current_context(), NullS, $1.str, $3.str) :
-                  (Item*) new Item_ref(Lex->current_context(), NullS, $1.str, $3.str);
+              if ((sel->parsing_place != IN_HAVING) ||
+                  (sel->get_in_sum_expr() > 0))
+              {
+                $$= new (thd->mem_root) Item_field(Lex->current_context(),
+                                                   NullS, $1.str, $3.str);
+              }
+              else
+              {
+                $$= new (thd->mem_root) Item_ref(Lex->current_context(),
+                                                 NullS, $1.str, $3.str);
+              }
+              if ($$ == NULL)
+                MYSQL_YYABORT;
             }
           }
         | '.' ident '.' ident
@@ -10645,31 +11361,45 @@ simple_ident_q:
               my_error(ER_TABLENAME_NOT_ALLOWED_HERE,
                        MYF(0), $2.str, thd->where);
             }
-            $$= (sel->parsing_place != IN_HAVING ||
-                sel->get_in_sum_expr() > 0) ?
-                (Item*) new Item_field(Lex->current_context(), NullS, $2.str, $4.str) :
-                (Item*) new Item_ref(Lex->current_context(), NullS, $2.str, $4.str);
+            if ((sel->parsing_place != IN_HAVING) ||
+                (sel->get_in_sum_expr() > 0))
+            {
+              $$= new (thd->mem_root) Item_field(Lex->current_context(),
+                                                 NullS, $2.str, $4.str);
+            }
+            else
+            {
+              $$= new (thd->mem_root) Item_ref(Lex->current_context(),
+                                               NullS, $2.str, $4.str);
+            }
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | ident '.' ident '.' ident
           {
             THD *thd= YYTHD;
             LEX *lex= thd->lex;
             SELECT_LEX *sel= lex->current_select;
+            const char* schema= (thd->client_capabilities & CLIENT_NO_SCHEMA ?
+                                 NullS : $1.str);
             if (sel->no_table_names_allowed)
             {
               my_error(ER_TABLENAME_NOT_ALLOWED_HERE,
                        MYF(0), $3.str, thd->where);
             }
-            $$= (sel->parsing_place != IN_HAVING ||
-                sel->get_in_sum_expr() > 0) ?
-                (Item*) new Item_field(Lex->current_context(),
-                                       (YYTHD->client_capabilities &
-                                       CLIENT_NO_SCHEMA ? NullS : $1.str),
-                                       $3.str, $5.str) :
-                (Item*) new Item_ref(Lex->current_context(),
-                                     (YYTHD->client_capabilities &
-                                     CLIENT_NO_SCHEMA ? NullS : $1.str),
-                                     $3.str, $5.str);
+            if ((sel->parsing_place != IN_HAVING) ||
+                (sel->get_in_sum_expr() > 0))
+            {
+              $$= new (thd->mem_root) Item_field(Lex->current_context(),
+                                                 schema, $3.str, $5.str);
+            }
+            else
+            {
+              $$= new (thd->mem_root) Item_ref(Lex->current_context(),
+                                               schema, $3.str, $5.str);
+            }
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         ;
 
@@ -10705,16 +11435,34 @@ field_ident:
         ;
 
 table_ident:
-          ident { $$=new Table_ident($1); }
-        | ident '.' ident { $$=new Table_ident(YYTHD, $1,$3,0);}
-        | '.' ident { $$=new Table_ident($2);} /* For Delphi */
+          ident
+          {
+            $$= new Table_ident($1);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
+        | ident '.' ident
+          {
+            $$= new Table_ident(YYTHD, $1,$3,0);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
+        | '.' ident
+          {
+            /* For Delphi */
+            $$= new Table_ident($2);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         ;
 
 table_ident_nodb:
           ident
           {
             LEX_STRING db={(char*) any_db,3};
-            $$=new Table_ident(YYTHD, db,$1,0);
+            $$= new Table_ident(YYTHD, db,$1,0);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         ;
 
@@ -10740,8 +11488,11 @@ IDENT_sys:
               $$= $1;
             }
             else
-              thd->convert_string(&$$, system_charset_info,
-                                  $1.str, $1.length, thd->charset());
+            {
+              if (thd->convert_string(&$$, system_charset_info,
+                                      $1.str, $1.length, thd->charset()))
+                MYSQL_YYABORT;
+            }
           }
         ;
 
@@ -10753,8 +11504,11 @@ TEXT_STRING_sys:
             if (thd->charset_is_system_charset)
               $$= $1;
             else
-              thd->convert_string(&$$, system_charset_info,
-                                  $1.str, $1.length, thd->charset());
+            {
+              if (thd->convert_string(&$$, system_charset_info,
+                                      $1.str, $1.length, thd->charset()))
+                MYSQL_YYABORT;
+            }
           }
         ;
 
@@ -10766,8 +11520,11 @@ TEXT_STRING_literal:
             if (thd->charset_is_collation_connection)
               $$= $1;
             else
-              thd->convert_string(&$$, thd->variables.collation_connection,
-                                  $1.str, $1.length, thd->charset());
+            {
+              if (thd->convert_string(&$$, thd->variables.collation_connection,
+                                      $1.str, $1.length, thd->charset()))
+                MYSQL_YYABORT;
+            }
           }
         ;
 
@@ -10779,8 +11536,12 @@ TEXT_STRING_filesystem:
             if (thd->charset_is_character_set_filesystem)
               $$= $1;
             else
-              thd->convert_string(&$$, thd->variables.character_set_filesystem,
-                                  $1.str, $1.length, thd->charset());
+            {
+              if (thd->convert_string(&$$,
+                                      thd->variables.character_set_filesystem,
+                                      $1.str, $1.length, thd->charset()))
+                MYSQL_YYABORT;
+            }
           }
         ;
 
@@ -10790,6 +11551,8 @@ ident:
           {
             THD *thd= YYTHD;
             $$.str= thd->strmake($1.str, $1.length);
+            if ($$.str == NULL)
+              MYSQL_YYABORT;
             $$.length= $1.length;
           }
         ;
@@ -10800,6 +11563,8 @@ label_ident:
           {
             THD *thd= YYTHD;
             $$.str= thd->strmake($1.str, $1.length);
+            if ($$.str == NULL)
+              MYSQL_YYABORT;
             $$.length= $1.length;
           }
         ;
@@ -11327,6 +12092,7 @@ ext_option_value:
 sys_option_value:
           option_type internal_variable_name equal set_expr_or_default
           {
+            THD *thd= YYTHD;
             LEX *lex=Lex;
 
             if ($2.var == trg_new_row_fake_var)
@@ -11346,21 +12112,29 @@ sys_option_value:
               else
               {
                 /* QQ: Shouldn't this be field's default value ? */
-                it= new Item_null();
+                it= new (thd->mem_root) Item_null();
+                if (it == NULL)
+                  MYSQL_YYABORT;
               }
 
               DBUG_ASSERT(lex->trg_chistics.action_time == TRG_ACTION_BEFORE &&
                           (lex->trg_chistics.event == TRG_EVENT_INSERT ||
                            lex->trg_chistics.event == TRG_EVENT_UPDATE));
-              if (!(trg_fld= new Item_trigger_field(Lex->current_context(),
-                                                    Item_trigger_field::NEW_ROW,
-                                                    $2.base_name.str,
-                                                    UPDATE_ACL, FALSE)) ||
-                  !(sp_fld= new sp_instr_set_trigger_field(lex->sphead->
-                                                           instructions(),
-                                                           lex->spcont,
-                                                           trg_fld,
-                                                           it, lex)))
+
+              trg_fld= new (thd->mem_root)
+                         Item_trigger_field(Lex->current_context(),
+                                            Item_trigger_field::NEW_ROW,
+                                            $2.base_name.str,
+                                            UPDATE_ACL, FALSE);
+              if (trg_fld == NULL)
+                MYSQL_YYABORT;
+              
+              sp_fld= new sp_instr_set_trigger_field(lex->sphead->
+                                                     instructions(),
+                                                     lex->spcont,
+                                                     trg_fld,
+                                                     it, lex);
+              if (sp_fld == NULL)
                 MYSQL_YYABORT;
 
               /*
@@ -11377,8 +12151,11 @@ sys_option_value:
             { /* System variable */
               if ($1)
                 lex->option_type= $1;
-              lex->var_list.push_back(new set_var(lex->option_type, $2.var,
-                                      &$2.base_name, $4));
+              set_var *var= new set_var(lex->option_type, $2.var,
+                                        &$2.base_name, $4);
+              if (var == NULL)
+                MYSQL_YYABORT;
+              lex->var_list.push_back(var);
             }
             else
             {
@@ -11400,39 +12177,69 @@ sys_option_value:
               else if (spv->dflt)
                 it= spv->dflt;
               else
-                it= new Item_null();
+              {
+                it= new (thd->mem_root) Item_null();
+                if (it == NULL)
+                  MYSQL_YYABORT;
+              }
               sp_set= new sp_instr_set(lex->sphead->instructions(), ctx,
                                        spv->offset, it, spv->type, lex, TRUE);
+              if (sp_set == NULL)
+                MYSQL_YYABORT;
               lex->sphead->add_instr(sp_set);
             }
           }
         | option_type TRANSACTION_SYM ISOLATION LEVEL_SYM isolation_types
           {
+            THD *thd= YYTHD;
             LEX *lex=Lex;
             lex->option_type= $1;
-            lex->var_list.push_back(new set_var(lex->option_type,
-                                                find_sys_var(YYTHD, "tx_isolation"),
-                                                &null_lex_str,
-                                                new Item_int((int32) $5)));
+            Item *item= new (thd->mem_root) Item_int((int32) $5);
+            if (item == NULL)
+              MYSQL_YYABORT;
+            set_var *var= new set_var(lex->option_type,
+                                      find_sys_var(thd, "tx_isolation"),
+                                      &null_lex_str,
+                                      item);
+            if (var == NULL)
+              MYSQL_YYABORT;
+            lex->var_list.push_back(var);
           }
         ;
 
 option_value:
           '@' ident_or_text equal expr
           {
-            Lex->var_list.push_back(new set_var_user(new Item_func_set_user_var($2,$4)));
+            Item_func_set_user_var *item;
+            item= new (YYTHD->mem_root) Item_func_set_user_var($2, $4);
+            if (item == NULL)
+              MYSQL_YYABORT;
+            set_var_user *var= new set_var_user(item);
+            if (var == NULL)
+              MYSQL_YYABORT;
+            Lex->var_list.push_back(var);
           }
         | '@' '@' opt_var_ident_type internal_variable_name equal set_expr_or_default
           {
             LEX *lex=Lex;
-            lex->var_list.push_back(new set_var($3, $4.var, &$4.base_name, $6));
+            set_var *var= new set_var($3, $4.var, &$4.base_name, $6);
+            if (var == NULL)
+              MYSQL_YYABORT;
+            lex->var_list.push_back(var);
           }
         | charset old_or_new_charset_name_or_default
           {
             THD *thd= YYTHD;
             LEX *lex= thd->lex;
-            $2= $2 ? $2: global_system_variables.character_set_client;
-            lex->var_list.push_back(new set_var_collation_client($2,thd->variables.collation_database,$2));
+            CHARSET_INFO *cs2;
+            cs2= $2 ? $2: global_system_variables.character_set_client;
+            set_var_collation_client *var;
+            var= new set_var_collation_client(cs2,
+                                              thd->variables.collation_database,
+                                              cs2);
+            if (var == NULL)
+              MYSQL_YYABORT;
+            lex->var_list.push_back(var);
           }
         | NAMES_SYM equal expr
           {
@@ -11452,15 +12259,21 @@ option_value:
         | NAMES_SYM charset_name_or_default opt_collate
           {
             LEX *lex= Lex;
-            $2= $2 ? $2 : global_system_variables.character_set_client;
-            $3= $3 ? $3 : $2;
-            if (!my_charset_same($2,$3))
+            CHARSET_INFO *cs2;
+            CHARSET_INFO *cs3;
+            cs2= $2 ? $2 : global_system_variables.character_set_client;
+            cs3= $3 ? $3 : cs2;
+            if (!my_charset_same(cs2, cs3))
             {
               my_error(ER_COLLATION_CHARSET_MISMATCH, MYF(0),
-                       $3->name, $2->csname);
+                       cs3->name, cs2->csname);
               MYSQL_YYABORT;
             }
-            lex->var_list.push_back(new set_var_collation_client($3,$3,$3));
+            set_var_collation_client *var;
+            var= new set_var_collation_client(cs3, cs3, cs3);
+            if (var == NULL)
+              MYSQL_YYABORT;
+            lex->var_list.push_back(var);
           }
         | PASSWORD equal text_or_password
           {
@@ -11481,14 +12294,20 @@ option_value:
               MYSQL_YYABORT;
             user->host=null_lex_str;
             user->user.str=thd->security_ctx->priv_user;
-            thd->lex->var_list.push_back(new set_var_password(user, $3));
+            set_var_password *var= new set_var_password(user, $3);
+            if (var == NULL)
+              MYSQL_YYABORT;
+            thd->lex->var_list.push_back(var);
             thd->lex->autocommit= TRUE;
             if (lex->sphead)
               lex->sphead->m_flags|= sp_head::HAS_SET_AUTOCOMMIT_STMT;
           }
         | PASSWORD FOR_SYM user equal text_or_password
           {
-            Lex->var_list.push_back(new set_var_password($3,$5));
+            set_var_password *var= new set_var_password($3,$5);
+            if (var == NULL)
+              MYSQL_YYABORT;
+            Lex->var_list.push_back(var);
             Lex->autocommit= TRUE;
             if (Lex->sphead)
               Lex->sphead->m_flags|= sp_head::HAS_SET_AUTOCOMMIT_STMT;
@@ -11599,11 +12418,15 @@ text_or_password:
               Item_func_old_password::alloc(YYTHD, $3.str) :
               Item_func_password::alloc(YYTHD, $3.str) :
               $3.str;
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         | OLD_PASSWORD '(' TEXT_STRING ')'
           {
             $$= $3.length ? Item_func_old_password::alloc(YYTHD, $3.str) :
               $3.str;
+            if ($$ == NULL)
+              MYSQL_YYABORT;
           }
         ;
 
@@ -11611,9 +12434,27 @@ text_or_password:
 set_expr_or_default:
           expr { $$=$1; }
         | DEFAULT { $$=0; }
-        | ON     { $$=new Item_string("ON",  2, system_charset_info); }
-        | ALL    { $$=new Item_string("ALL", 3, system_charset_info); }
-        | BINARY { $$=new Item_string("binary", 6, system_charset_info); }
+        | ON
+          {
+            $$= new (YYTHD->mem_root) Item_string("ON",  2,
+                                                  system_charset_info);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
+        | ALL
+          {
+            $$= new (YYTHD->mem_root) Item_string("ALL", 3,
+                                                  system_charset_info);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
+        | BINARY
+          {
+            $$= new (YYTHD->mem_root) Item_string("binary", 6,
+                                                  system_charset_info);
+            if ($$ == NULL)
+              MYSQL_YYABORT;
+          }
         ;
 
 /* Lock function */
@@ -11792,7 +12633,10 @@ handler:
             lex->expr_allows_subselect= FALSE;
             lex->sql_command = SQLCOM_HA_READ;
             lex->ha_rkey_mode= HA_READ_KEY_EXACT; /* Avoid purify warnings */
-            lex->current_select->select_limit= new Item_int((int32) 1);
+            Item *one= new (YYTHD->mem_root) Item_int((int32) 1);
+            if (one == NULL)
+              MYSQL_YYABORT;
+            lex->current_select->select_limit= one;
             lex->current_select->offset_limit= 0;
             if (!lex->current_select->add_table_to_list(lex->thd, $2, 0, 0))
               MYSQL_YYABORT;
@@ -12115,8 +12959,9 @@ grant_user:
               {
                 char *buff= 
                   (char *) YYTHD->alloc(SCRAMBLED_PASSWORD_CHAR_LENGTH_323+1);
-                if (buff)
-                  make_scrambled_password_323(buff, $4.str);
+                if (buff == NULL)
+                  MYSQL_YYABORT;
+                make_scrambled_password_323(buff, $4.str);
                 $1->password.str= buff;
                 $1->password.length= SCRAMBLED_PASSWORD_CHAR_LENGTH_323;
               }
@@ -12124,8 +12969,9 @@ grant_user:
               {
                 char *buff= 
                   (char *) YYTHD->alloc(SCRAMBLED_PASSWORD_CHAR_LENGTH+1);
-                if (buff)
-                  make_scrambled_password(buff, $4.str);
+                if (buff == NULL)
+                  MYSQL_YYABORT;
+                make_scrambled_password(buff, $4.str);
                 $1->password.str= buff;
                 $1->password.length= SCRAMBLED_PASSWORD_CHAR_LENGTH;
               }
@@ -12155,6 +13001,8 @@ column_list_id:
           ident
           {
             String *new_str = new (YYTHD->mem_root) String((const char*) $1.str,$1.length,system_charset_info);
+            if (new_str == NULL)
+              MYSQL_YYABORT;
             List_iterator <LEX_COLUMN> iter(Lex->columns);
             class LEX_COLUMN *point;
             LEX *lex=Lex;
@@ -12168,7 +13016,12 @@ column_list_id:
             if (point)
               point->rights |= lex->which_columns;
             else
-              lex->columns.push_back(new LEX_COLUMN (*new_str,lex->which_columns));
+            {
+              LEX_COLUMN *col= new LEX_COLUMN (*new_str,lex->which_columns);
+              if (col == NULL)
+                MYSQL_YYABORT;
+              lex->columns.push_back(col);
+            }
           }
         ;
 
@@ -12606,21 +13459,24 @@ view_list_opt:
         ;
 
 view_list:
-          ident 
-            {
-              Lex->view_list.push_back((LEX_STRING*)
-              sql_memdup(&$1, sizeof(LEX_STRING)));
-            }
+          ident
+          {
+            LEX_STRING *ls= (LEX_STRING*) sql_memdup(&$1, sizeof(LEX_STRING));
+            if (ls == NULL)
+              MYSQL_YYABORT;
+            Lex->view_list.push_back(ls);
+          }
         | view_list ',' ident
-            {
-              Lex->view_list.push_back((LEX_STRING*)
-              sql_memdup(&$3, sizeof(LEX_STRING)));
-            }
+          {
+            LEX_STRING *ls= (LEX_STRING*) sql_memdup(&$3, sizeof(LEX_STRING));
+            if (ls == NULL)
+              MYSQL_YYABORT;
+            Lex->view_list.push_back(ls);
+          }
         ;
 
 view_select:
           {
-            THD *thd= YYTHD;
             LEX *lex= Lex;
             lex->parsing_options.allows_variable= FALSE;
             lex->parsing_options.allows_select_into= FALSE;
@@ -12806,6 +13662,8 @@ sf_tail:
             }
             /* Order is important here: new - reset - init */
             sp= new sp_head();
+            if (sp == NULL)
+              MYSQL_YYABORT;
             sp->reset_thd_mem_root(thd);
             sp->init(lex);
             sp->init_sp_name(thd, lex->spname);
@@ -12933,6 +13791,8 @@ sp_tail:
 
             /* Order is important here: new - reset - init */
             sp= new sp_head();
+            if (sp == NULL)
+              MYSQL_YYABORT;
             sp->reset_thd_mem_root(YYTHD);
             sp->init(lex);
             sp->m_type= TYPE_ENUM_PROCEDURE;