MySQL Lists are EOL. Please join:

List:Commits« Previous MessageNext Message »
From:Magne Mahre Date:November 17 2010 12:44pm
Subject:bzr commit into mysql-trunk branch (magne.mahre:3348) Bug#58199
View as plain text  
#At file:///export/home/tmp/x/mysql-trunk-bugfixing-58199/ based on revid:davi.arnaut@stripped

 3348 Magne Mahre	2010-11-17
      Bug#58199 name_const in the having clause crashes
      
      NAME_CONST(..) was used wrongly in a HAVING clause, and
      should have caused a user error.  Instead, it caused a
      segmentation fault.
      
      During parsing, the value parameter to NAME_CONST was
      specified to be an uninitialized Item_ref object (it
      would be resolved later).   During the semantic analysis,
      the object is tested, and since it was not initialied,
      the server seg.faulted.
      
      The fix is to check if the object is initialized
      before testing it.  The same pattern has already been
      applied to most other methods in the Item_ref class.
      
      Bug was introduced by the optimization done as part of
      Bug#33546.

    modified:
      mysql-test/t/func_misc.test
      sql/item.h
=== modified file 'mysql-test/t/func_misc.test'
--- a/mysql-test/t/func_misc.test	2010-08-20 13:10:49 +0000
+++ b/mysql-test/t/func_misc.test	2010-11-17 12:43:58 +0000
@@ -504,4 +504,15 @@ SELECT DISTINCT GREATEST(a, (SELECT b FR
 
 DROP TABLE t1;
 
---echo End of 5.1 tests
+--echo #
+--echo # Bug #58199: name_const in the having clause crashes
+--echo #
+
+CREATE TABLE t1 (a INT);
+
+# NAME_CONST() would seg.fault when used wrongly in a HAVING clause
+--error ER_WRONG_ARGUMENTS
+SELECT 1 from t1 HAVING NAME_CONST('', a);
+
+DROP TABLE t1;
+

=== modified file 'sql/item.h'
--- a/sql/item.h	2010-10-15 10:32:50 +0000
+++ b/sql/item.h	2010-11-17 12:43:58 +0000
@@ -2662,7 +2662,7 @@ public:
     DBUG_ASSERT(fixed);
     return (*ref)->get_time(ltime);
   }
-  virtual bool basic_const_item() const { return (*ref)->basic_const_item(); }
+  virtual bool basic_const_item() const { return ref && (*ref)->basic_const_item(); }
   bool is_outer_field() const
   {
     DBUG_ASSERT(fixed);


Attachment: [text/bzr-bundle] bzr/magne.mahre@oracle.com-20101117124358-tmo2c2ug45pu6fnb.bundle
Thread
bzr commit into mysql-trunk branch (magne.mahre:3348) Bug#58199Magne Mahre17 Nov