From: Davi Arnaut
Date: June 17 2009 1:57pm
Subject: Re: bzr commit into mysql-5.1-bugteam branch (mhansson:2931) Bug#44684
List-Archive: http://lists.mysql.com/commits/76477
Message-Id: <4A38F63C.2050804@Sun.COM>
MIME-Version: 1.0
Content-Type: text/plain; CHARSET=US-ASCII; format=flowed
Content-Transfer-Encoding: 7BIT

Hi Martin,

OK to push. A few minor comments below.

On 6/16/09 11:09 AM, Martin Hansson wrote:
> #At file:///data0/martin/bzr/bug44684/5.1bt-gca/ based on revid:gshchepa@stripped
>
>   2931 Martin Hansson	2009-06-16
>        Bug#44684: valgrind reports invalid reads in
>        Item_func_spatial_collection::val_str
>
>        When the concatenation function for geometry data collections
>        reads the binary data it was not rigorous in checking that there
>        is data available, leading to invalid reads and crashes.
>        Fixed by making checking stricter.
>       @ mysql-test/r/gis.result
>          Bug#44684: Test result
>       @ mysql-test/t/gis.test
>          Bug#44684: Test case
>       @ sql/item_geofunc.cc
>          Bug#44684: fix(es)
>          - Check that there are 4 bytes available for type code.
>          - Check that there is at least one point available for linestring.
>          - Check that there are at least 2 points in a polygon and
>            data for all the points.
>

[..]

>   --echo End of 5.1 tests
>
> === modified file 'sql/item_geofunc.cc'
> --- a/sql/item_geofunc.cc	2009-04-29 02:59:10 +0000
> +++ b/sql/item_geofunc.cc	2009-06-16 14:09:04 +0000
> @@ -416,7 +416,10 @@ String *Item_func_spatial_collection::va
>       else
>       {
>         enum Geometry::wkbType wkb_type;
> -      const char *data= res->ptr() + 4/*SRID*/ + 1;
> +      const int data_offset= 4/*SRID*/ + 1;

const unsigned int