From: Date: September 1 2008 2:56pm
Subject: bzr commit into mysql-5.1 branch (kgeorge:2728) Bug#38701
List-Archive: http://lists.mysql.com/commits/53004
X-Bug: 38701
Message-Id: <200809011256.m81Cuh0m023698@magare.gmz>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

#At file:///home/kgeorge/mysql/bzr/B38701-5.1-bugteam/

 2728 Georgi Kodinov	2008-09-01
      Bug #38701: Crash in String::append when inserting duplicate empty strings an uft8 SET col
      
      When converting a value to string (to include it in an error message) MySQL was not
      initializing the buffer in the correct way. I was just resetting the length of the string
      and not setting 0 in the buffer itself.
      This, combined with a SET columns (that return empty string for a value not in the set) 
      causes warnings in retrieving the C pointer from the resulting string, that expects a
      trailing 0 (String::c_ptr()).
      Fixed by initializing the key result buffer so it always has a trailing zero.
modified:
  mysql-test/r/type_set.result
  mysql-test/t/type_set.test
  sql/key.cc

per-file messages:
  mysql-test/r/type_set.result
    Bug #38701: test case
  mysql-test/t/type_set.test
    Bug #38701: test case
  sql/key.cc
    Bug #38701: ensure there's a trailing 0 when initializing a result buffer.
=== modified file 'mysql-test/r/type_set.result'
--- a/mysql-test/r/type_set.result	2008-03-14 20:40:21 +0000
+++ b/mysql-test/r/type_set.result	2008-09-01 12:56:09 +0000
@@ -93,4 +93,14 @@ c
 1,2,3
 64
 DROP TABLE t1;
+CREATE TABLE t1 (
+set_unique_utf8 set ('a','b','c','d','e','f','g','h','i','j','k','l',
+'m','n','o','p','q','r','s','t','u','v','w','x',
+'y','z') CHARACTER SET utf8,
+unique (set_unique_utf8)
+);
+INSERT INTO t1 ( set_unique_utf8 ) VALUES ( '' );
+INSERT INTO t1 ( set_unique_utf8 ) VALUES ( '' );
+ERROR 23000: Duplicate entry '' for key 'set_unique_utf8'
+DROP TABLE t1;
 End of 5.0 tests

=== modified file 'mysql-test/t/type_set.test'
--- a/mysql-test/t/type_set.test	2008-03-14 20:40:21 +0000
+++ b/mysql-test/t/type_set.test	2008-09-01 12:56:09 +0000
@@ -75,4 +75,23 @@ INSERT INTO t1 VALUES(922337203685477580
 SELECT * FROM t1;
 DROP TABLE t1;
 
+#
+# Bug #38701: Crash in String::append when inserting duplicate empty strings
+# an uft8 SET col
+#
+
+CREATE TABLE t1 (
+        set_unique_utf8 set ('a','b','c','d','e','f','g','h','i','j','k','l',
+                             'm','n','o','p','q','r','s','t','u','v','w','x',
+                             'y','z') CHARACTER SET utf8,
+        unique (set_unique_utf8)
+);
+
+INSERT INTO t1 ( set_unique_utf8 ) VALUES ( '' );
+--error ER_DUP_ENTRY 
+INSERT INTO t1 ( set_unique_utf8 ) VALUES ( '' );
+
+DROP TABLE t1;
+
+
 --echo End of 5.0 tests

=== modified file 'sql/key.cc'
--- a/sql/key.cc	2008-02-07 14:09:59 +0000
+++ b/sql/key.cc	2008-09-01 12:56:09 +0000
@@ -331,7 +331,7 @@ void key_unpack(String *to,TABLE *table,
   my_bitmap_map *old_map= dbug_tmp_use_all_columns(table, table->read_set);
   DBUG_ENTER("key_unpack");
 
-  to->length(0);
+  to->copy("", 0, to->charset());
   for (key_part=table->key_info[idx].key_part,key_part_end=key_part+
 	 table->key_info[idx].key_parts ;
        key_part < key_part_end;