#At file:///home/kgeorge/mysql/work/B43354-5.0-bugteam/ based on revid:matthias.leich@stripped
2773 Georgi Kodinov 2009-03-11
Bug #43354: Use key hint can crash server in explain extended query
The copy of the original arguments of an aggregate function was not
initialized until after fix_fields().
Sometimes (e.g. when there's an error processing the statement)
the print() can be called with no corresponding fix_fields() call.
Fixed by adding a check if the Item is fixed before using the arguments
copy.
@ mysql-test/r/explain.result
Bug #43354: test case
@ mysql-test/t/explain.test
Bug #43354: test case
@ sql/item_sum.cc
Bug #43354: use the argument list copy only if it's initialized
modified:
mysql-test/r/explain.result
mysql-test/t/explain.test
sql/item_sum.cc
=== modified file 'mysql-test/r/explain.result'
--- a/mysql-test/r/explain.result 2008-12-09 18:35:02 +0000
+++ b/mysql-test/r/explain.result 2009-03-11 12:10:44 +0000
@@ -155,3 +155,7 @@ id select_type table type possible_keys
Warnings:
Note 1003 select 1 AS `1` from (select count(distinct `test`.`t1`.`a`) AS `COUNT(DISTINCT t1.a)` from `test`.`t1` join `test`.`t2` group by `test`.`t1`.`a`) `s1`
DROP TABLE t1,t2;
+CREATE TABLE t1 (a INT PRIMARY KEY);
+EXPLAIN EXTENDED SELECT COUNT(a) FROM t1 USE KEY(a);
+ERROR HY000: Key 'a' doesn't exist in table 't1'
+DROP TABLE t1;
=== modified file 'mysql-test/t/explain.test'
--- a/mysql-test/t/explain.test 2008-12-09 18:35:02 +0000
+++ b/mysql-test/t/explain.test 2009-03-11 12:10:44 +0000
@@ -123,4 +123,17 @@ execute s1;
DROP TABLE t1,t2;
+
+#
+# Bug #43354: Use key hint can crash server in explain extended query
+#
+
+CREATE TABLE t1 (a INT PRIMARY KEY);
+
+--error ER_KEY_DOES_NOT_EXITS
+EXPLAIN EXTENDED SELECT COUNT(a) FROM t1 USE KEY(a);
+
+DROP TABLE t1;
+
+
# End of 5.0 tests.
=== modified file 'sql/item_sum.cc'
--- a/sql/item_sum.cc 2008-12-09 18:35:02 +0000
+++ b/sql/item_sum.cc 2009-03-11 12:10:44 +0000
@@ -440,7 +440,8 @@ void Item_sum::make_field(Send_field *tm
void Item_sum::print(String *str)
{
- Item **pargs= orig_args;
+ /* orig_args is not filled with valid values until fix_fields() */
+ Item **pargs= fixed ? orig_args : args;
str->append(func_name());
for (uint i=0 ; i < arg_count ; i++)
{
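Review bot: The `fixed ? orig_args : args` guard in Item_sum::print() protects only this one reader; orig_args is still left unset until fix_fields(), so any other code that touches it on an unfixed item would hit the same server crash, which per the commit title is reachable from a statement that simply fails with an error. Consider establishing the invariant at construction instead, for example by having the Item_sum constructors make orig_args valid from args (the constructors are not visible in this hunk, so this needs checking against the class). If the guard stays, the comment could name the failing path, e.g. `/* orig_args is only set in fix_fields(); an item whose statement failed earlier must print from args */`. It is also worth confirming whether any Item_sum subclass overrides print() and reads orig_args, since the new test only exercises COUNT(a). The body of print() continues past the end of the hunk.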
Attachment: [text/bzr-bundle] bzr/joro@sun.com-20090311121044-2h4g50mqx10h52su.bundle