MySQL Lists are EOL. Please join:

List:Commits« Previous MessageNext Message »
From:Sergey Glukhov Date:June 2 2009 6:38am
Subject:bzr commit into mysql-5.0-bugteam branch (Sergey.Glukhov:2763)
Bug#45152
View as plain text  
#At file:///home/gluh/MySQL/mysql-5.0-bugteam/ based on revid:alexey.kopytov@stripped

 2763 Sergey Glukhov	2009-06-02
      Bug#45152 crash with round() function on longtext column in a derived table
      The crash happens due to wrong max_length value which is set on
      Item_func_round::fix_length_and_dec() stage. The value is set to
      args[0]->max_length which is too big in case of LONGTEXT(LONGBLOB) fields.
      The fix is to set max_length using float_length() function.
     @ mysql-test/r/func_math.result
        test result
     @ mysql-test/t/func_math.test
        test case
     @ sql/item_func.cc
        The crash happens due to wrong max_length value which is set on
        Item_func_round::fix_length_and_dec() stage. The value is set to
        args[0]->max_length which is too big in case of LONGTEXT(LONGBLOB) fields.
        The fix is to set max_length using float_length() function.

    modified:
      mysql-test/r/func_math.result
      mysql-test/t/func_math.test
      sql/item_func.cc
=== modified file 'mysql-test/r/func_math.result'
--- a/mysql-test/r/func_math.result	2009-02-23 12:28:26 +0000
+++ b/mysql-test/r/func_math.result	2009-06-02 06:38:13 +0000
@@ -390,4 +390,11 @@ a	ROUND(a)
 -1e+16	-10000000000000002
 1e+16	10000000000000002
 DROP TABLE t1;
+CREATE TABLE t1(f1 LONGTEXT) engine=myisam;
+INSERT INTO t1 VALUES ('a');
+SELECT 1 FROM (SELECT ROUND(f1) AS a FROM t1) AS s WHERE a LIKE 'a';
+1
+SELECT 1 FROM (SELECT ROUND(f1, f1) AS a FROM t1) AS s WHERE a LIKE 'a';
+1
+DROP TABLE t1;
 End of 5.0 tests

=== modified file 'mysql-test/t/func_math.test'
--- a/mysql-test/t/func_math.test	2009-02-23 12:28:26 +0000
+++ b/mysql-test/t/func_math.test	2009-06-02 06:38:13 +0000
@@ -250,4 +250,13 @@ SELECT a, ROUND(a) FROM t1;
 
 DROP TABLE t1;
 
+#
+# Bug#45152 crash with round() function on longtext column in a derived table
+#
+CREATE TABLE t1(f1 LONGTEXT) engine=myisam;
+INSERT INTO t1 VALUES ('a');
+SELECT 1 FROM (SELECT ROUND(f1) AS a FROM t1) AS s WHERE a LIKE 'a';
+SELECT 1 FROM (SELECT ROUND(f1, f1) AS a FROM t1) AS s WHERE a LIKE 'a';
+DROP TABLE t1;
+
 --echo End of 5.0 tests

=== modified file 'sql/item_func.cc'
--- a/sql/item_func.cc	2009-05-15 09:29:41 +0000
+++ b/sql/item_func.cc	2009-06-02 06:38:13 +0000
@@ -1958,8 +1958,8 @@ void Item_func_round::fix_length_and_dec
   unsigned_flag= args[0]->unsigned_flag;
   if (!args[1]->const_item())
   {
-    max_length= args[0]->max_length;
     decimals= args[0]->decimals;
+    max_length= float_length(decimals);
     if (args[0]->result_type() == DECIMAL_RESULT)
     {
       max_length++;
@@ -1979,8 +1979,8 @@ void Item_func_round::fix_length_and_dec
 
   if (args[0]->decimals == NOT_FIXED_DEC)
   {
-    max_length= args[0]->max_length;
     decimals= min(decimals_to_set, NOT_FIXED_DEC);
+    max_length= float_length(decimals);
     hybrid_type= REAL_RESULT;
     return;
   }


Attachment: [text/bzr-bundle] bzr/sergey.glukhov@sun.com-20090602063813-33mh88cz5vpa2jqe.bundle
Thread
bzr commit into mysql-5.0-bugteam branch (Sergey.Glukhov:2763)Bug#45152Sergey Glukhov2 Jun