MySQL Lists are EOL. Please join:

List:Commits« Previous MessageNext Message »
From:Ingo Struewing Date:July 5 2007 10:34am
Subject:bk commit into 6.0-falcon tree (istruewing:1.2582) BUG#28810
View as plain text  
Below is the list of changes that have just been committed into a local
6.0-falcon repository of istruewing. When istruewing does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2007-07-05 12:33:13+02:00, istruewing@stripped +3 -0
  Bug#28810 - Crash with huge negative decimal for Falcon and CSV
  
  Debug server crashed when inserting a negated decimal number of
  maximum precision (65): INSERT ... SELECT -column ...
  
  The problem was that the negation function added 1 to the column
  length for the sign unconditionally. When the source item was
  a signed field with maximum precision, the result was a field with
  one more than maximum. This triggered an assert.
  
  The fix is to avoid adding 1 to max_length when the argument of
  the negation function is a signed field . A signed field does
  already have space for the sign.

  mysql-test/r/type_newdecimal.result@stripped, 2007-07-05 12:32:43+02:00, istruewing@stripped +23 -1
    Bug#28810 - Crash with huge negative decimal for Falcon and CSV
    Added test result.

  mysql-test/t/type_newdecimal.test@stripped, 2007-07-05 12:32:44+02:00, istruewing@stripped +20 -1
    Bug#28810 - Crash with huge negative decimal for Falcon and CSV
    Added test.

  sql/item_func.cc@stripped, 2007-07-05 12:32:45+02:00, istruewing@stripped +8 -2
    Bug#28810 - Crash with huge negative decimal for Falcon and CSV
    Avoid to add 1 to max_length when argument is a signed field in
    Item_func_neg::fix_num_length_and_dec().

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	istruewing
# Host:	chilla.local
# Root:	/home/mydev/mysql-5.1-falcon-bug28810

--- 1.402/sql/item_func.cc	2007-07-05 12:34:43 +02:00
+++ 1.403/sql/item_func.cc	2007-07-05 12:34:43 +02:00
@@ -1504,8 +1504,14 @@ my_decimal *Item_func_neg::decimal_op(my
 void Item_func_neg::fix_num_length_and_dec()
 {
   decimals= args[0]->decimals;
-  /* 1 add because sign can appear */
-  max_length= args[0]->max_length + 1;
+  max_length= args[0]->max_length;
+  /*
+    If the argument is a signed field, then its max_length does already
+    take an possible sign into account. In other cases we have to add one.
+  */
+  if ((args[0]->type() != FIELD_ITEM) || args[0]->unsigned_flag)
+    max_length++;
+  unsigned_flag= 0;
 }
 
 

--- 1.59/mysql-test/r/type_newdecimal.result	2007-07-05 12:34:44 +02:00
+++ 1.60/mysql-test/r/type_newdecimal.result	2007-07-05 12:34:44 +02:00
@@ -1,4 +1,4 @@
-drop table if exists t1;
+drop table if exists t1, t2;
 select 1.1 IN (1.0, 1.2);
 1.1 IN (1.0, 1.2)
 0
@@ -1509,3 +1509,25 @@ Error	1264	Out of range value for column
 select cast(98.6 as decimal(2,0));
 cast(98.6 as decimal(2,0))
 99
+CREATE TABLE t1 (c1 DECIMAL(65));
+INSERT INTO t1 VALUES
+(99999999999999999999999999999999999999999999999999999999999999999),
+(99999999999999999999999999999999999999999999999999999999999999999);
+INSERT INTO t1 SELECT -c1 FROM t1;
+SELECT * FROM t1;
+c1
+99999999999999999999999999999999999999999999999999999999999999999
+99999999999999999999999999999999999999999999999999999999999999999
+-99999999999999999999999999999999999999999999999999999999999999999
+-99999999999999999999999999999999999999999999999999999999999999999
+TRUNCATE TABLE t1;
+CREATE TABLE t2 (c1 DECIMAL(65) UNSIGNED);
+INSERT INTO t2 VALUES
+(99999999999999999999999999999999999999999999999999999999999999999),
+(99999999999999999999999999999999999999999999999999999999999999999);
+INSERT INTO t1 SELECT -c1 FROM t2;
+SELECT * FROM t1;
+c1
+-99999999999999999999999999999999999999999999999999999999999999999
+-99999999999999999999999999999999999999999999999999999999999999999
+DROP TABLE t1, t2;

--- 1.53/mysql-test/t/type_newdecimal.test	2007-07-05 12:34:44 +02:00
+++ 1.54/mysql-test/t/type_newdecimal.test	2007-07-05 12:34:44 +02:00
@@ -1,5 +1,5 @@
 --disable_warnings
-drop table if exists t1;
+drop table if exists t1, t2;
 --enable_warnings
 #
 # constant IN function test
@@ -1184,3 +1184,22 @@ select cast(-3.4 as decimal(2,1));
 select cast(99.6 as decimal(2,0));
 select cast(-13.4 as decimal(2,1));
 select cast(98.6 as decimal(2,0));
+
+#
+# Bug#28810 - Crash with huge negative decimal for Falcon and CSV
+#
+CREATE TABLE t1 (c1 DECIMAL(65));
+INSERT INTO t1 VALUES
+  (99999999999999999999999999999999999999999999999999999999999999999),
+  (99999999999999999999999999999999999999999999999999999999999999999);
+INSERT INTO t1 SELECT -c1 FROM t1;
+SELECT * FROM t1;
+TRUNCATE TABLE t1;
+CREATE TABLE t2 (c1 DECIMAL(65) UNSIGNED);
+INSERT INTO t2 VALUES
+  (99999999999999999999999999999999999999999999999999999999999999999),
+  (99999999999999999999999999999999999999999999999999999999999999999);
+INSERT INTO t1 SELECT -c1 FROM t2;
+SELECT * FROM t1;
+DROP TABLE t1, t2;
+
Thread
bk commit into 6.0-falcon tree (istruewing:1.2582) BUG#28810Ingo Struewing5 Jul
  • Re: bk commit into 6.0-falcon tree (istruewing:1.2582) BUG#28810Sergei Golubchik9 Jul
    • Re: bk commit into 6.0-falcon tree (istruewing:1.2582) BUG#28810Ingo Strüwing12 Jul
      • Re: bk commit into 6.0-falcon tree (istruewing:1.2582) BUG#28810Sergei Golubchik12 Jul
        • Re: bk commit into 6.0-falcon tree (istruewing:1.2582) BUG#28810Ingo Strüwing12 Jul