Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
mariadb
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
mariadb
Commits
4e9e69e5
Commit
4e9e69e5
authored
May 05, 2011
by
Tatiana Azundris Nurnberg
Browse files
Options
Browse Files
Download
Plain Diff
auto-merge conservative fix for Bug#55436/Bug#11762799
parents
dbb832c0
1d0a11fd
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
41 additions
and
11 deletions
+41
-11
mysql-test/r/type_newdecimal.result
mysql-test/r/type_newdecimal.result
+13
-0
mysql-test/t/type_newdecimal.test
mysql-test/t/type_newdecimal.test
+14
-0
sql/field.cc
sql/field.cc
+3
-3
sql/my_decimal.cc
sql/my_decimal.cc
+6
-5
sql/my_decimal.h
sql/my_decimal.h
+2
-1
strings/decimal.c
strings/decimal.c
+3
-2
No files found.
mysql-test/r/type_newdecimal.result
View file @
4e9e69e5
...
@@ -1913,4 +1913,17 @@ group by PAY.id + 1;
...
@@ -1913,4 +1913,17 @@ group by PAY.id + 1;
mult v_net_with_discount v_total
mult v_net_with_discount v_total
1.0000 27.18 27.180000
1.0000 27.18 27.180000
DROP TABLE currencies, payments, sub_tasks;
DROP TABLE currencies, payments, sub_tasks;
#
# Bug#55436: buffer overflow in debug binary of dbug_buff in
# Field_new_decimal::store_value
#
SET SQL_MODE='';
CREATE TABLE t1(f1 DECIMAL(44,24)) ENGINE=MYISAM;
INSERT INTO t1 SET f1 = -64878E-85;
Warnings:
Note 1265 Data truncated for column 'f1' at row 1
SELECT f1 FROM t1;
f1
0.000000000000000000000000
DROP TABLE IF EXISTS t1;
End of 5.1 tests
End of 5.1 tests
mysql-test/t/type_newdecimal.test
View file @
4e9e69e5
...
@@ -1510,5 +1510,19 @@ group by PAY.id + 1;
...
@@ -1510,5 +1510,19 @@ group by PAY.id + 1;
DROP
TABLE
currencies
,
payments
,
sub_tasks
;
DROP
TABLE
currencies
,
payments
,
sub_tasks
;
--
echo
#
--
echo
# Bug#55436: buffer overflow in debug binary of dbug_buff in
--
echo
# Field_new_decimal::store_value
--
echo
#
# this threw memory warnings on Windows. Also make sure future changes
# don't change these results, as per usual.
SET
SQL_MODE
=
''
;
CREATE
TABLE
t1
(
f1
DECIMAL
(
44
,
24
))
ENGINE
=
MYISAM
;
INSERT
INTO
t1
SET
f1
=
-
64878
E
-
85
;
SELECT
f1
FROM
t1
;
DROP
TABLE
IF
EXISTS
t1
;
--
echo
End
of
5.1
tests
--
echo
End
of
5.1
tests
sql/field.cc
View file @
4e9e69e5
...
@@ -2583,7 +2583,7 @@ bool Field_new_decimal::store_value(const my_decimal *decimal_value)
...
@@ -2583,7 +2583,7 @@ bool Field_new_decimal::store_value(const my_decimal *decimal_value)
DBUG_ENTER
(
"Field_new_decimal::store_value"
);
DBUG_ENTER
(
"Field_new_decimal::store_value"
);
#ifndef DBUG_OFF
#ifndef DBUG_OFF
{
{
char
dbug_buff
[
DECIMAL_MAX_STR_LENGTH
+
1
];
char
dbug_buff
[
DECIMAL_MAX_STR_LENGTH
+
2
];
DBUG_PRINT
(
"enter"
,
(
"value: %s"
,
dbug_decimal_as_string
(
dbug_buff
,
decimal_value
)));
DBUG_PRINT
(
"enter"
,
(
"value: %s"
,
dbug_decimal_as_string
(
dbug_buff
,
decimal_value
)));
}
}
#endif
#endif
...
@@ -2598,7 +2598,7 @@ bool Field_new_decimal::store_value(const my_decimal *decimal_value)
...
@@ -2598,7 +2598,7 @@ bool Field_new_decimal::store_value(const my_decimal *decimal_value)
}
}
#ifndef DBUG_OFF
#ifndef DBUG_OFF
{
{
char
dbug_buff
[
DECIMAL_MAX_STR_LENGTH
+
1
];
char
dbug_buff
[
DECIMAL_MAX_STR_LENGTH
+
2
];
DBUG_PRINT
(
"info"
,
(
"saving with precision %d scale: %d value %s"
,
DBUG_PRINT
(
"info"
,
(
"saving with precision %d scale: %d value %s"
,
(
int
)
precision
,
(
int
)
dec
,
(
int
)
precision
,
(
int
)
dec
,
dbug_decimal_as_string
(
dbug_buff
,
decimal_value
)));
dbug_decimal_as_string
(
dbug_buff
,
decimal_value
)));
...
@@ -2673,7 +2673,7 @@ int Field_new_decimal::store(const char *from, uint length,
...
@@ -2673,7 +2673,7 @@ int Field_new_decimal::store(const char *from, uint length,
}
}
#ifndef DBUG_OFF
#ifndef DBUG_OFF
char
dbug_buff
[
DECIMAL_MAX_STR_LENGTH
+
1
];
char
dbug_buff
[
DECIMAL_MAX_STR_LENGTH
+
2
];
DBUG_PRINT
(
"enter"
,
(
"value: %s"
,
DBUG_PRINT
(
"enter"
,
(
"value: %s"
,
dbug_decimal_as_string
(
dbug_buff
,
&
decimal_value
)));
dbug_decimal_as_string
(
dbug_buff
,
&
decimal_value
)));
#endif
#endif
...
...
sql/my_decimal.cc
View file @
4e9e69e5
...
@@ -95,10 +95,11 @@ int my_decimal2string(uint mask, const my_decimal *d,
...
@@ -95,10 +95,11 @@ int my_decimal2string(uint mask, const my_decimal *d,
UNSIGNED. Hence the buffer for a ZEROFILLed value is the length
UNSIGNED. Hence the buffer for a ZEROFILLed value is the length
the user requested, plus one for a possible decimal point, plus
the user requested, plus one for a possible decimal point, plus
one if the user only wanted decimal places, but we force a leading
one if the user only wanted decimal places, but we force a leading
zero on them. Because the type is implicitly UNSIGNED, we do not
zero on them, plus one for the '\0' terminator. Because the type
need to reserve a character for the sign. For all other cases,
is implicitly UNSIGNED, we do not need to reserve a character for
fixed_prec will be 0, and my_decimal_string_length() will be called
the sign. For all other cases, fixed_prec will be 0, and
instead to calculate the required size of the buffer.
my_decimal_string_length() will be called instead to calculate the
required size of the buffer.
*/
*/
int
length
=
(
fixed_prec
int
length
=
(
fixed_prec
?
(
fixed_prec
+
((
fixed_prec
==
fixed_dec
)
?
1
:
0
)
+
1
)
?
(
fixed_prec
+
((
fixed_prec
==
fixed_dec
)
?
1
:
0
)
+
1
)
...
@@ -276,7 +277,7 @@ print_decimal_buff(const my_decimal *dec, const uchar* ptr, int length)
...
@@ -276,7 +277,7 @@ print_decimal_buff(const my_decimal *dec, const uchar* ptr, int length)
const
char
*
dbug_decimal_as_string
(
char
*
buff
,
const
my_decimal
*
val
)
const
char
*
dbug_decimal_as_string
(
char
*
buff
,
const
my_decimal
*
val
)
{
{
int
length
=
DECIMAL_MAX_STR_LENGTH
;
int
length
=
DECIMAL_MAX_STR_LENGTH
+
1
;
/* minimum size for buff */
if
(
!
val
)
if
(
!
val
)
return
"NULL"
;
return
"NULL"
;
(
void
)
decimal2string
((
decimal_t
*
)
val
,
buff
,
&
length
,
0
,
0
,
0
);
(
void
)
decimal2string
((
decimal_t
*
)
val
,
buff
,
&
length
,
0
,
0
,
0
);
...
...
sql/my_decimal.h
View file @
4e9e69e5
...
@@ -55,7 +55,7 @@ C_MODE_END
...
@@ -55,7 +55,7 @@ C_MODE_END
/**
/**
maximum length of string representation (number of maximum decimal
maximum length of string representation (number of maximum decimal
digits + 1 position for sign + 1 position for decimal point)
digits + 1 position for sign + 1 position for decimal point
, no terminator
)
*/
*/
#define DECIMAL_MAX_STR_LENGTH (DECIMAL_MAX_POSSIBLE_PRECISION + 2)
#define DECIMAL_MAX_STR_LENGTH (DECIMAL_MAX_POSSIBLE_PRECISION + 2)
...
@@ -212,6 +212,7 @@ inline uint32 my_decimal_precision_to_length(uint precision, uint8 scale,
...
@@ -212,6 +212,7 @@ inline uint32 my_decimal_precision_to_length(uint precision, uint8 scale,
inline
inline
int
my_decimal_string_length
(
const
my_decimal
*
d
)
int
my_decimal_string_length
(
const
my_decimal
*
d
)
{
{
/* length of string representation including terminating '\0' */
return
decimal_string_size
(
d
);
return
decimal_string_size
(
d
);
}
}
...
...
strings/decimal.c
View file @
4e9e69e5
...
@@ -320,8 +320,8 @@ int decimal_actual_fraction(decimal_t *from)
...
@@ -320,8 +320,8 @@ int decimal_actual_fraction(decimal_t *from)
from - value to convert
from - value to convert
to - points to buffer where string representation
to - points to buffer where string representation
should be stored
should be stored
*to_len - in: size of to buffer
*to_len - in: size of to buffer
(incl. terminating '\0')
out: length of the actually written string
out: length of the actually written string
(excl. '\0')
fixed_precision - 0 if representation can be variable length and
fixed_precision - 0 if representation can be variable length and
fixed_decimals will not be checked in this case.
fixed_decimals will not be checked in this case.
Put number as with fixed point position with this
Put number as with fixed point position with this
...
@@ -338,6 +338,7 @@ int decimal2string(decimal_t *from, char *to, int *to_len,
...
@@ -338,6 +338,7 @@ int decimal2string(decimal_t *from, char *to, int *to_len,
int
fixed_precision
,
int
fixed_decimals
,
int
fixed_precision
,
int
fixed_decimals
,
char
filler
)
char
filler
)
{
{
/* {intg_len, frac_len} output widths; {intg, frac} places in input */
int
len
,
intg
,
frac
=
from
->
frac
,
i
,
intg_len
,
frac_len
,
fill
;
int
len
,
intg
,
frac
=
from
->
frac
,
i
,
intg_len
,
frac_len
,
fill
;
/* number digits before decimal point */
/* number digits before decimal point */
int
fixed_intg
=
(
fixed_precision
?
int
fixed_intg
=
(
fixed_precision
?
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment