From:Chad MILLER Date:July 1 2006 6:31pm
Subject:bk commit into 4.0 tree (cmiller:1.2184) BUG#19006
Below is the list of changes that have just been committed into a local
4.0 repository of cmiller. When cmiller does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet
  1.2184 06/07/01 14:31:52 cmiller@zippy.(none) +4 -0
  Bug#19006: 4.0 valgrind problems (in test func_str)
  
  On exactly-sized Strings, the String::c_ptr() function peeked beyond the
  end of the buffer, possibly into uninitialized space, to see whether the
  buffer was NUL-terminated.
  
  In a place that did peek improperly, we now use a c_ptr_safe() function, 
  which doesn't peek where it shouldn't.

  sql/sql_string.h
    1.14 06/07/01 14:31:45 cmiller@zippy.(none) +8 -0
    Back-port String::c_ptr_safe().

  sql/item_strfunc.cc
    1.88 06/07/01 14:31:45 cmiller@zippy.(none) +2 -2
    Use the "_safe" version of c_ptr to avoid looking for a terminating 
    NUL character outside the initialized memory area.  Valgrind hates it 
    when one does that, and it theoretically could lead to a SEGV.

  sql/item_func.h
    1.67 06/07/01 14:31:45 cmiller@zippy.(none) +4 -1
    Describe side-effect behavior.

  client/sql_string.h
    1.7 06/07/01 14:31:45 cmiller@zippy.(none) +8 -0
    Back-port String::c_ptr_safe().

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	cmiller
# Host:	zippy.(none)
# Root:	/home/cmiller/work/mysql/mysql-4.0__bug19006

--- 1.6/client/sql_string.h	2001-12-06 07:10:37 -05:00
+++ 1.7/client/sql_string.h	2006-07-01 14:31:45 -04:00
@@ -67,6 +67,14 @@ public:
       Ptr[str_length]=0;
     return Ptr;
   }
+  inline char *c_ptr_safe()
+  {
+    if (Ptr && str_length < Alloced_length)
+      Ptr[str_length]=0;
+    else
+      (void) realloc(str_length);
+    return Ptr;
+  }
 
   void set(String &str,uint32 offset,uint32 arg_length)
   {
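Review bot: The `else` branch of the added `c_ptr_safe()` discards the result of `realloc(str_length)` and then returns `Ptr` unconditionally. `realloc()` is not shown in this hunk, but the `(void)` cast suggests it returns a status; if it can fail, the caller gets back a null pointer or the old unterminated buffer, and the call sites changed in sql/item_strfunc.cc hand that straight to `atof()`/`strtoll()`. Either act on the failure or state the contract in a comment above the function, for example `/* May reallocate, invalidating earlier ptr()/c_ptr() results; if realloc() fails the returned pointer may be NULL or not NUL-terminated. */`. The identical copy added to sql/sql_string.h has the same gap.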

--- 1.66/sql/item_func.h	2004-11-25 19:31:20 -05:00
+++ 1.67/sql/item_func.h	2006-07-01 14:31:45 -04:00
@@ -120,7 +120,10 @@ public:
   {
     return (null_value=args[0]->get_time(ltime));
   }
-  bool is_null() { (void) val_int(); return null_value; }
+  bool is_null() { 
+    (void) val_int();  /* Discard result. It sets null_value as side-effect. */ 
+    return null_value; 
+  }
   friend class udf_handler;
   unsigned int size_of() { return sizeof(*this);}  
   Field *tmp_table_field(TABLE *t_arg);

--- 1.87/sql/item_strfunc.cc	2006-06-13 07:01:50 -04:00
+++ 1.88/sql/item_strfunc.cc	2006-07-01 14:31:45 -04:00
@@ -51,14 +51,14 @@ double Item_str_func::val()
 {
   String *res;
   res=val_str(&str_value);
-  return res ? atof(res->c_ptr()) : 0.0;
+  return res ? atof(res->c_ptr_safe()) : 0.0;
 }
 
 longlong Item_str_func::val_int()
 {
   String *res;
   res=val_str(&str_value);
-  return res ? strtoll(res->c_ptr(),NULL,10) : (longlong) 0;
+  return res ? strtoll(res->c_ptr_safe(),NULL,10) : (longlong) 0;
 }
 
 
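Review bot: Both returns switch to `c_ptr_safe()` with no comment saying why plain `c_ptr()` is unsafe here, so the change reads like a no-op and is easy to revert. According to the commit description, `c_ptr()` itself still reads one byte past an exactly-sized buffer, so only these two call sites are fixed and other callers of `c_ptr()` presumably keep the over-read; they are worth auditing. Note also that `c_ptr_safe()` may write a terminator into, or reallocate, whatever String `val_str()` returned, which is not necessarily `str_value`. Suggested comment above each return: `/* res may be exactly sized: c_ptr() would read Ptr[str_length] past the allocation, so use c_ptr_safe() */`.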

--- 1.13/sql/sql_string.h	2001-12-06 07:10:47 -05:00
+++ 1.14/sql/sql_string.h	2006-07-01 14:31:45 -04:00
@@ -74,6 +74,14 @@ public:
       Ptr[str_length]=0;
     return Ptr;
   }
+  inline char *c_ptr_safe()
+  {
+    if (Ptr && str_length < Alloced_length)
+      Ptr[str_length]=0;
+    else
+      (void) realloc(str_length);
+    return Ptr;
+  }
 
   void set(String &str,uint32 offset,uint32 arg_length)
   {