From: Date: September 8 2008 1:00pm Subject: bzr push into mysql-5.0 branch (ramil:2682 to 2683) Bug#39021 List-Archive: http://lists.mysql.com/commits/53507 X-Bug: 39021 Message-Id: <200809081100.m88B0Ahx008107@localhost.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit 2683 Ramil Kalimullin 2008-09-05 Fix for bug #39021: SELECT REGEXP BINARY NULL never returns Problem: SELECT ... REGEXP BINARY NULL may lead to server crash/hang. Fix: properly handle NULL regular expressions. modified: mysql-test/r/func_regexp.result mysql-test/t/func_regexp.test sql/item_cmpfunc.cc sql/item_cmpfunc.h 2682 Ramil Kalimullin 2008-09-05 [merge] Merge modified: mysql-test/r/default.result mysql-test/t/default.test sql/item.cc === modified file 'mysql-test/r/create.result' --- a/mysql-test/r/create.result 2008-02-01 08:00:40 +0000 +++ b/mysql-test/r/create.result 2008-09-03 10:17:19 +0000 @@ -1546,4 +1546,15 @@ SHOW INDEX FROM t1; Table Non_unique Key_name Seq_in_index Column_name Collation Cardinality Sub_part Packed Null Index_type Comment t1 1 c1 1 c1 A NULL NULL NULL YES BTREE DROP TABLE t1; +CREATE TABLE t1 (a INTEGER AUTO_INCREMENT PRIMARY KEY, b INTEGER NOT NULL); +INSERT IGNORE INTO t1 (b) VALUES (5); +CREATE TABLE IF NOT EXISTS t2 (a INTEGER NOT NULL AUTO_INCREMENT PRIMARY KEY) +SELECT a FROM t1; +CREATE TABLE IF NOT EXISTS t2 (a INTEGER NOT NULL AUTO_INCREMENT PRIMARY KEY) +SELECT a FROM t1; +ERROR 23000: Duplicate entry '1' for key 1 +CREATE TABLE IF NOT EXISTS t2 (a INTEGER NOT NULL AUTO_INCREMENT PRIMARY KEY) +SELECT a FROM t1; +ERROR 23000: Duplicate entry '1' for key 1 +DROP TABLE t1, t2; End of 5.0 tests === modified file 'mysql-test/r/func_regexp.result' --- a/mysql-test/r/func_regexp.result 2007-10-30 08:21:44 +0000 +++ b/mysql-test/r/func_regexp.result 2008-09-05 08:30:01 +0000 @@ -114,4 +114,16 @@ End of 4.1 tests SELECT 1 REGEXP NULL; 1 REGEXP NULL NULL +SELECT '' REGEXP BINARY NULL; +'' REGEXP BINARY NULL +NULL +SELECT NULL REGEXP BINARY NULL; +NULL REGEXP BINARY NULL +NULL +SELECT 'A' REGEXP BINARY NULL; +'A' REGEXP BINARY NULL +NULL +SELECT "ABC" REGEXP BINARY NULL; +"ABC" REGEXP BINARY NULL +NULL End of 5.0 tests === modified file 'mysql-test/t/create.test' --- a/mysql-test/t/create.test 2008-02-01 08:00:40 +0000 +++ b/mysql-test/t/create.test 2008-09-03 10:17:19 +0000 @@ -1172,4 +1172,22 @@ SHOW INDEX FROM t1; DROP TABLE t1; +# +# Bug#38821: Assert table->auto_increment_field_not_null failed in open_table() +# +CREATE TABLE t1 (a INTEGER AUTO_INCREMENT PRIMARY KEY, b INTEGER NOT NULL); +INSERT IGNORE INTO t1 (b) VALUES (5); + +CREATE TABLE IF NOT EXISTS t2 (a INTEGER NOT NULL AUTO_INCREMENT PRIMARY KEY) + SELECT a FROM t1; +--error 1062 +CREATE TABLE IF NOT EXISTS t2 (a INTEGER NOT NULL AUTO_INCREMENT PRIMARY KEY) + SELECT a FROM t1; +--error 1062 +CREATE TABLE IF NOT EXISTS t2 (a INTEGER NOT NULL AUTO_INCREMENT PRIMARY KEY) + SELECT a FROM t1; + +DROP TABLE t1, t2; + + --echo End of 5.0 tests === modified file 'mysql-test/t/func_regexp.test' --- a/mysql-test/t/func_regexp.test 2007-10-30 08:21:44 +0000 +++ b/mysql-test/t/func_regexp.test 2008-09-05 08:30:01 +0000 @@ -64,4 +64,14 @@ drop table t1; SELECT 1 REGEXP NULL; + +# +# Bug #39021: SELECT REGEXP BINARY NULL never returns +# + +SELECT '' REGEXP BINARY NULL; +SELECT NULL REGEXP BINARY NULL; +SELECT 'A' REGEXP BINARY NULL; +SELECT "ABC" REGEXP BINARY NULL; + --echo End of 5.0 tests === modified file 'sql/item_cmpfunc.cc' --- a/sql/item_cmpfunc.cc 2008-07-30 11:07:37 +0000 +++ b/sql/item_cmpfunc.cc 2008-09-05 08:30:01 +0000 @@ -4341,8 +4341,20 @@ void Item_func_like::cleanup() #ifdef USE_REGEX -bool -Item_func_regex::regcomp(bool send_error) +/** + @brief Compile regular expression. + + @param[in] send_error send error message if any. + + @details Make necessary character set conversion then + compile regular expression passed in the args[1]. + + @retval 0 success. + @retval 1 error occurred. + @retval -1 given null regular expression. + */ + +int Item_func_regex::regcomp(bool send_error) { char buff[MAX_FIELD_WIDTH]; String tmp(buff,sizeof(buff),&my_charset_bin); @@ -4350,12 +4362,12 @@ Item_func_regex::regcomp(bool send_error int error; if (args[1]->null_value) - return TRUE; + return -1; if (regex_compiled) { if (!stringcmp(res, &prev_regexp)) - return FALSE; + return 0; prev_regexp.copy(*res); my_regfree(&preg); regex_compiled= 0; @@ -4367,7 +4379,7 @@ Item_func_regex::regcomp(bool send_error uint dummy_errors; if (conv.copy(res->ptr(), res->length(), res->charset(), regex_lib_charset, &dummy_errors)) - return TRUE; + return 1; res= &conv; } @@ -4379,10 +4391,10 @@ Item_func_regex::regcomp(bool send_error (void) my_regerror(error, &preg, buff, sizeof(buff)); my_error(ER_REGEXP_ERROR, MYF(0), buff); } - return TRUE; + return 1; } regex_compiled= 1; - return FALSE; + return 0; } @@ -4420,13 +4432,14 @@ Item_func_regex::fix_fields(THD *thd, It const_item_cache=args[0]->const_item() && args[1]->const_item(); if (!regex_compiled && args[1]->const_item()) { - if (args[1]->null_value) + int comp_res= regcomp(TRUE); + if (comp_res == -1) { // Will always return NULL maybe_null=1; fixed= 1; return FALSE; } - if (regcomp(TRUE)) + else if (comp_res) return TRUE; regex_is_const= 1; maybe_null= args[0]->maybe_null; === modified file 'sql/item_cmpfunc.h' --- a/sql/item_cmpfunc.h 2008-01-23 15:03:58 +0000 +++ b/sql/item_cmpfunc.h 2008-09-05 08:30:01 +0000 @@ -1323,7 +1323,7 @@ class Item_func_regex :public Item_bool_ CHARSET_INFO *regex_lib_charset; int regex_lib_flags; String conv; - bool regcomp(bool send_error); + int regcomp(bool send_error); public: Item_func_regex(Item *a,Item *b) :Item_bool_func(a,b), regex_compiled(0),regex_is_const(0) {} === modified file 'sql/sql_insert.cc' --- a/sql/sql_insert.cc 2008-03-28 13:34:06 +0000 +++ b/sql/sql_insert.cc 2008-09-03 10:17:19 +0000 @@ -2897,7 +2897,11 @@ bool select_insert::send_data(List DBUG_RETURN(1); } } - if (!(error= write_record(thd, table, &info))) + + error= write_record(thd, table, &info); + table->auto_increment_field_not_null= FALSE; + + if (!error) { if (table->triggers || info.handle_duplicates == DUP_UPDATE) {