3312 Gleb Shchepa 2010-01-13
Bug #50096: CONCAT_WS inside procedure returning wrong data
Selecting of the CONCAT_WS(...<PS parameter>...) result into
a user variable may return wrong data.
Item_func_concat_ws::val_str contains a number of memory
allocation-saving optimization tricks. After the fix
for bug 46815 the control flow has been changed to a
branch that is commented as "This is quite uncommon!":
one of places where we are trying to concatenate
strings inplace. However, that "uncommon" place
didn't care about PS parameters, that have another
trick in Item_sp_variable::val_str(): they use the
intermediate Item_sp_variable::str_value field,
where they may store a reference to an external
argument's buffer.
The Item_func_concat_ws::val_str function has been
modified to take into account val_str functions
(such as Item_sp_variable::val_str) that return a
pointer to an internal Item member variable that
may reference to a buffer provided.
@ mysql-test/r/func_concat.result
Added test case for bug #50096.
@ mysql-test/t/func_concat.test
Added test case for bug #50096.
@ sql/item_strfunc.cc
Bug #50096: CONCAT_WS inside procedure returning wrong data
The Item_func_concat_ws::val_str function has been
modified to take into account val_str functions
(such as Item_sp_variable::val_str) that return a
pointer to an internal Item member variable that
may reference to a buffer provided.
modified:
mysql-test/r/func_concat.result
mysql-test/t/func_concat.test
sql/item_strfunc.cc
3311 Joerg Bruehe 2010-01-11
Implement the change of RPM versioning and file naming:
- "release" starts from 1
- "level" ("m2", "rc", ...) is included in the RPM version.
modified:
support-files/Makefile.am
support-files/mysql.spec.sh
=== modified file 'mysql-test/r/func_concat.result'
--- a/mysql-test/r/func_concat.result 2009-05-21 08:06:43 +0000
+++ b/mysql-test/r/func_concat.result 2010-01-13 04:16:36 +0000
@@ -1,4 +1,5 @@
DROP TABLE IF EXISTS t1;
+DROP PROCEDURE IF EXISTS p1;
CREATE TABLE t1 ( number INT NOT NULL, alpha CHAR(6) NOT NULL );
INSERT INTO t1 VALUES (1413006,'idlfmv'),
(1413065,'smpsfz'),(1413127,'sljrhx'),(1413304,'qerfnd');
@@ -119,4 +120,14 @@ id select_type table type possible_keys
1 SIMPLE t2 index NULL PRIMARY 102 NULL 3 Using index
1 SIMPLE t1 eq_ref PRIMARY,a PRIMARY 318 func,const,const 1
DROP TABLE t1, t2;
+#
+# Bug #50096: CONCAT_WS inside procedure returning wrong data
+#
+CREATE PROCEDURE p1(a varchar(255), b int, c int)
+SET @query = CONCAT_WS(",", a, b, c);
+CALL p1("abcde", "0", "1234");
+SELECT @query;
+@query
+abcde,0,1234
+DROP PROCEDURE p1;
# End of 5.1 tests
=== modified file 'mysql-test/t/func_concat.test'
--- a/mysql-test/t/func_concat.test 2009-05-21 08:06:43 +0000
+++ b/mysql-test/t/func_concat.test 2010-01-13 04:16:36 +0000
@@ -4,6 +4,7 @@
--disable_warnings
DROP TABLE IF EXISTS t1;
+DROP PROCEDURE IF EXISTS p1;
--enable_warnings
CREATE TABLE t1 ( number INT NOT NULL, alpha CHAR(6) NOT NULL );
@@ -111,4 +112,16 @@ EXPLAIN SELECT CONCAT('gui_', t2.a), t1.
DROP TABLE t1, t2;
+--echo #
+--echo # Bug #50096: CONCAT_WS inside procedure returning wrong data
+--echo #
+
+CREATE PROCEDURE p1(a varchar(255), b int, c int)
+ SET @query = CONCAT_WS(",", a, b, c);
+
+CALL p1("abcde", "0", "1234");
+SELECT @query;
+
+DROP PROCEDURE p1;
+
--echo # End of 5.1 tests
=== modified file 'sql/item_strfunc.cc'
--- a/sql/item_strfunc.cc 2009-12-04 15:36:58 +0000
+++ b/sql/item_strfunc.cc 2010-01-13 04:16:36 +0000
@@ -677,8 +677,8 @@ String *Item_func_concat_ws::val_str(Str
res->length() + sep_str->length() + res2->length())
{
/* We have room in str; We can't get any errors here */
- if (str == res2)
- { // This is quote uncommon!
+ if (str->ptr() == res2->ptr())
+ { // This is quite uncommon!
str->replace(0,0,*sep_str);
str->replace(0,0,*res);
}
Attachment: [text/bzr-bundle] bzr/gshchepa@mysql.com-20100113041636-imcwglhcshd6aks4.bundle
| Thread |
|---|
| • bzr push into mysql-5.1-bugteam branch (gshchepa:3311 to 3312)Bug#50096 | Gleb Shchepa | 13 Jan |
