Skip to content

M
mariadb
Commit 11bd1f87 authored by unknown's avatar unknown
Browse files
Options

fix for bug#12913 

(Simple SQL can crash server or connection)
(not initialized member leads to server crash)


mysql-test/r/create.result:
  result of test for bug #12913
mysql-test/t/create.test:
  test for bug#12913
  (Simple SQL can crash server or connection)
sql/sql_table.cc:
  copy the interval pointer too or a bit later
  dereferencing of this pointer being 0x0 will crash the server
  (see bug #12913)
parent 92e2b9ed
Hide whitespace changes
Inline Side-by-side
Showing with 13 additions and 0 deletions
mysql-test/r/create.result
View file @ 11bd1f87
......@@ -587,6 +587,11 @@ DESC t2;
Field Type Null Key Default Extra
f2 varchar(86) YES NULL
DROP TABLE t1,t2;
CREATE TABLE t12913 (f1 ENUM ('a','b')) AS SELECT 'a' AS f1;
SELECT * FROM t12913;
f1
a
DROP TABLE t12913;
create database mysqltest;
use mysqltest;
drop database mysqltest;
......
mysql-test/t/create.test
View file @ 11bd1f87
......@@ -501,6 +501,13 @@ AS f2 FROM t1;
DESC t2;
DROP TABLE t1,t2;
#
# Bug#12913 Simple SQL can crash server or connection
#
CREATE TABLE t12913 (f1 ENUM ('a','b')) AS SELECT 'a' AS f1;
SELECT * FROM t12913;
DROP TABLE t12913;
#
# Bug#11028: Crash on create table like
#
......
sql/sql_table.cc
View file @ 11bd1f87
......@@ -649,6 +649,7 @@ int mysql_prepare_table(THD *thd, HA_CREATE_INFO *create_info,
sql_field->decimals= dup_field->decimals;
sql_field->flags= dup_field->flags;
sql_field->unireg_check= dup_field->unireg_check;
sql_field->interval= dup_field->interval;
it2.remove(); // Remove first (create) definition
select_field_pos--;
break;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7