Bug#10963: LEFT/RIGHT/SUBSTR/.. string functions returns wrong result \

  on large length
  
Problem:  Most (all) of the numeric inputs were being coerced into
int (32 bit) sized variables.  Works OK for sane inputs; any input
larger than 2^32 (or 2^31 for signed vars) exihibited predictable
wrapping behavior (up to about 10^18) and then started having really
strange behaviour past that point (since the conversion to 64 bit int
from the DECIMAL type can do weird things on out of range numbers).

Solution: 1)  Add many tests.  2)  Convert input from (u)long type to
(u)longlong.  3)  Do (sometimes multiple) sanity checks on input,
keeping in mind that sometimes a negative longlong is not a negative
longlong (if the unsigned_flag is set).  4) Emulate existing behavior
w/rt negative and "small" out-of-bounds values.
parent df27c5fa
This diff is collapsed.
......@@ -780,4 +780,193 @@ SELECT * FROM t1 INNER JOIN t2 ON code=id
DROP TABLE t1,t2;
#
# Bug #10963
# 4294967296 18446744073709551616
select locate('he','hello',-2);
select locate('lo','hello',-4294967295);
select locate('lo','hello',4294967295);
select locate('lo','hello',-4294967296);
select locate('lo','hello',4294967296);
select locate('lo','hello',-4294967297);
select locate('lo','hello',4294967297);
select locate('lo','hello',-18446744073709551615);
select locate('lo','hello',18446744073709551615);
select locate('lo','hello',-18446744073709551616);
select locate('lo','hello',18446744073709551616);
select locate('lo','hello',-18446744073709551617);
select locate('lo','hello',18446744073709551617);
select left('hello', 10);
select left('hello', 0);
select left('hello', -1);
select left('hello', -4294967295);
select left('hello', 4294967295);
select left('hello', -4294967296);
select left('hello', 4294967296);
select left('hello', -4294967297);
select left('hello', 4294967297);
select left('hello', -18446744073709551615);
select left('hello', 18446744073709551615);
select left('hello', -18446744073709551616);
select left('hello', 18446744073709551616);
select left('hello', -18446744073709551617);
select left('hello', 18446744073709551617);
select right('hello', 10);
select right('hello', 0);
select right('hello', -1);
select right('hello', -4294967295);
select right('hello', 4294967295);
select right('hello', -4294967296);
select right('hello', 4294967296);
select right('hello', -4294967297);
select right('hello', 4294967297);
select right('hello', -18446744073709551615);
select right('hello', 18446744073709551615);
select right('hello', -18446744073709551616);
select right('hello', 18446744073709551616);
select right('hello', -18446744073709551617);
select right('hello', 18446744073709551617);
select substring('hello', 2, -1);
select substring('hello', -1, 1);
select substring('hello', -2, 1);
select substring('hello', -4294967295, 1);
select substring('hello', 4294967295, 1);
select substring('hello', -4294967296, 1);
select substring('hello', 4294967296, 1);
select substring('hello', -4294967297, 1);
select substring('hello', 4294967297, 1);
select substring('hello', -18446744073709551615, 1);
select substring('hello', 18446744073709551615, 1);
select substring('hello', -18446744073709551616, 1);
select substring('hello', 18446744073709551616, 1);
select substring('hello', -18446744073709551617, 1);
select substring('hello', 18446744073709551617, 1);
select substring('hello', 1, -1);
select substring('hello', 1, -4294967295);
select substring('hello', 1, 4294967295);
select substring('hello', 1, -4294967296);
select substring('hello', 1, 4294967296);
select substring('hello', 1, -4294967297);
select substring('hello', 1, 4294967297);
select substring('hello', 1, -18446744073709551615);
select substring('hello', 1, 18446744073709551615);
select substring('hello', 1, -18446744073709551616);
select substring('hello', 1, 18446744073709551616);
select substring('hello', 1, -18446744073709551617);
select substring('hello', 1, 18446744073709551617);
select substring('hello', -1, -1);
select substring('hello', -4294967295, -4294967295);
select substring('hello', 4294967295, 4294967295);
select substring('hello', -4294967296, -4294967296);
select substring('hello', 4294967296, 4294967296);
select substring('hello', -4294967297, -4294967297);
select substring('hello', 4294967297, 4294967297);
select substring('hello', -18446744073709551615, -18446744073709551615);
select substring('hello', 18446744073709551615, 18446744073709551615);
select substring('hello', -18446744073709551616, -18446744073709551616);
select substring('hello', 18446744073709551616, 18446744073709551616);
select substring('hello', -18446744073709551617, -18446744073709551617);
select substring('hello', 18446744073709551617, 18446744073709551617);
select insert('hello', -1, 1, 'hi');
select insert('hello', -4294967295, 1, 'hi');
select insert('hello', 4294967295, 1, 'hi');
select insert('hello', -4294967296, 1, 'hi');
select insert('hello', 4294967296, 1, 'hi');
select insert('hello', -4294967297, 1, 'hi');
select insert('hello', 4294967297, 1, 'hi');
select insert('hello', -18446744073709551615, 1, 'hi');
select insert('hello', 18446744073709551615, 1, 'hi');
select insert('hello', -18446744073709551616, 1, 'hi');
select insert('hello', 18446744073709551616, 1, 'hi');
select insert('hello', -18446744073709551617, 1, 'hi');
select insert('hello', 18446744073709551617, 1, 'hi');
select insert('hello', 1, -1, 'hi');
select insert('hello', 1, -4294967295, 'hi');
select insert('hello', 1, 4294967295, 'hi');
select insert('hello', 1, -4294967296, 'hi');
select insert('hello', 1, 4294967296, 'hi');
select insert('hello', 1, -4294967297, 'hi');
select insert('hello', 1, 4294967297, 'hi');
select insert('hello', 1, -18446744073709551615, 'hi');
select insert('hello', 1, 18446744073709551615, 'hi');
select insert('hello', 1, -18446744073709551616, 'hi');
select insert('hello', 1, 18446744073709551616, 'hi');
select insert('hello', 1, -18446744073709551617, 'hi');
select insert('hello', 1, 18446744073709551617, 'hi');
select insert('hello', -1, -1, 'hi');
select insert('hello', -4294967295, -4294967295, 'hi');
select insert('hello', 4294967295, 4294967295, 'hi');
select insert('hello', -4294967296, -4294967296, 'hi');
select insert('hello', 4294967296, 4294967296, 'hi');
select insert('hello', -4294967297, -4294967297, 'hi');
select insert('hello', 4294967297, 4294967297, 'hi');
select insert('hello', -18446744073709551615, -18446744073709551615, 'hi');
select insert('hello', 18446744073709551615, 18446744073709551615, 'hi');
select insert('hello', -18446744073709551616, -18446744073709551616, 'hi');
select insert('hello', 18446744073709551616, 18446744073709551616, 'hi');
select insert('hello', -18446744073709551617, -18446744073709551617, 'hi');
select insert('hello', 18446744073709551617, 18446744073709551617, 'hi');
select repeat('hello', -1);
select repeat('hello', -4294967295);
select repeat('hello', 4294967295);
select repeat('hello', -4294967296);
select repeat('hello', 4294967296);
select repeat('hello', -4294967297);
select repeat('hello', 4294967297);
select repeat('hello', -18446744073709551615);
select repeat('hello', 18446744073709551615);
select repeat('hello', -18446744073709551616);
select repeat('hello', 18446744073709551616);
select repeat('hello', -18446744073709551617);
select repeat('hello', 18446744073709551617);
select space(-1);
select space(-4294967295);
select space(4294967295);
select space(-4294967296);
select space(4294967296);
select space(-4294967297);
select space(4294967297);
select space(-18446744073709551615);
select space(18446744073709551615);
select space(-18446744073709551616);
select space(18446744073709551616);
select space(-18446744073709551617);
select space(18446744073709551617);
select rpad('hello', -1, '1');
select rpad('hello', -4294967295, '1');
select rpad('hello', 4294967295, '1');
select rpad('hello', -4294967296, '1');
select rpad('hello', 4294967296, '1');
select rpad('hello', -4294967297, '1');
select rpad('hello', 4294967297, '1');
select rpad('hello', -18446744073709551615, '1');
select rpad('hello', 18446744073709551615, '1');
select rpad('hello', -18446744073709551616, '1');
select rpad('hello', 18446744073709551616, '1');
select rpad('hello', -18446744073709551617, '1');
select rpad('hello', 18446744073709551617, '1');
select lpad('hello', -1, '1');
select lpad('hello', -4294967295, '1');
select lpad('hello', 4294967295, '1');
select lpad('hello', -4294967296, '1');
select lpad('hello', 4294967296, '1');
select lpad('hello', -4294967297, '1');
select lpad('hello', 4294967297, '1');
select lpad('hello', -18446744073709551615, '1');
select lpad('hello', 18446744073709551615, '1');
select lpad('hello', -18446744073709551616, '1');
select lpad('hello', 18446744073709551616, '1');
select lpad('hello', -18446744073709551617, '1');
select lpad('hello', 18446744073709551617, '1');
--echo End of 5.0 tests
......@@ -2313,21 +2313,27 @@ longlong Item_func_locate::val_int()
return 0; /* purecov: inspected */
}
null_value=0;
uint start=0;
uint start0=0;
/* must be longlong to avoid truncation */
longlong start= 0;
longlong start0= 0;
my_match_t match;
if (arg_count == 3)
{
start0= start =(uint) args[2]->val_int()-1;
start=a->charpos(start);
start0= start= args[2]->val_int() - 1;
if (start > a->length() || start+b->length() > a->length())
if ((start < 0) || (start > a->length()))
return 0;
/* start is now sufficiently valid to pass to charpos function */
start= a->charpos(start);
if (start + b->length() > a->length())
return 0;
}
if (!b->length()) // Found empty string at start
return (longlong) (start+1);
return start + 1;
if (!cmp_collation.collation->coll->instr(cmp_collation.collation,
a->ptr()+start, a->length()-start,
......
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment