better fix for bug#7242 (crash in prepared INSERT ... UPDATE)

sql/sql_insert.cc: cleanup

better fix for bug#7242 (crash in prepared INSERT ... UPDATE)
sql/sql_insert.cc: cleanup
a1110e70 · unknown · 05c65b91 · a1110e70 · a1110e70
Commit a1110e70 authored Dec 24, 2004 by unknown
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 31 deletions

sql/sql_insert.cc sql/sql_insert.cc +4 -5

sql/sql_prepare.cc sql/sql_prepare.cc +4 -26

No files found.
--- a/sql/sql_insert.cc
+++ b/sql/sql_insert.cc
@@ -427,6 +427,7 @@ abort:
    thd			- thread handler
    table_list		- global table list
    insert_table_list	- local table list of INSERT SELECT_LEX
+    values              - values to insert. NULL for INSERT ... SELECT
  RETURN VALUE
    0  - OK
@@ -442,7 +443,7 @@ int mysql_prepare_insert(THD *thd, TABLE_LIST *table_list,
  if (duplic == DUP_UPDATE && !table->insert_values)
  {
    /* it should be allocated before Item::fix_fields() */
-    table->insert_values= 
+    table->insert_values=
      (byte *)alloc_root(thd->mem_root, table->rec_buff_length);
    if (!table->insert_values)
      DBUG_RETURN(-1);
@@ -454,10 +455,8 @@ int mysql_prepare_insert(THD *thd, TABLE_LIST *table_list,
       (setup_fields(thd, 0, insert_table_list, update_fields, 1, 0, 0) ||
        setup_fields(thd, 0, insert_table_list, update_values, 1, 0, 0))))
    DBUG_RETURN(-1);
-  if ((thd->lex->sql_command==SQLCOM_INSERT ||
+  if (values && find_real_table_in_list(table_list->next, table_list->db,
-       thd->lex->sql_command==SQLCOM_REPLACE) &&
+                                        table_list->real_name))
-      find_real_table_in_list(table_list->next, 
-			      table_list->db, table_list->real_name))
  {
    my_error(ER_UPDATE_TABLE_USED, MYF(0), table_list->real_name);
    DBUG_RETURN(-1);

--- a/sql/sql_prepare.cc
+++ b/sql/sql_prepare.cc
@@ -908,14 +908,15 @@ static int mysql_test_insert(Prepared_statement *stmt,
    uint value_count;
    ulong counter= 0;
+    table_list->table->insert_values=(byte *)1; // don't allocate insert_values
    if ((res= mysql_prepare_insert(thd, table_list, insert_table_list,
 				   table_list->table, fields, values,
 				   update_fields, update_values, duplic)))
      goto error;
    value_count= values->elements;
    its.rewind();
    while ((values= its++))
    {
      counter++;
@@ -934,6 +935,7 @@ static int mysql_test_insert(Prepared_statement *stmt,
  res= 0;
 error:
  lex->unit.cleanup();
+  table_list->table->insert_values=0;
  DBUG_RETURN(res);
 }
@@ -1513,28 +1515,6 @@ static bool init_param_array(Prepared_statement *stmt)
  return 0;
 }
-/* Init statement before execution */
-static void cleanup_stmt_for_execute(Prepared_statement *stmt)
-{
-  THD *thd= stmt->thd;
-  LEX *lex= stmt->lex;
-  SELECT_LEX *sl= lex->all_selects_list;
-  for (; sl; sl= sl->next_select_in_list())
-  {
-    for (TABLE_LIST *tables= (TABLE_LIST*) sl->table_list.first;
-	 tables;
-	 tables= tables->next)
-    {
-      if (tables->table)
-        tables->table->insert_values= 0;
-    }
-  }
-}
 /*
  Given a query string with parameter markers, create a Prepared Statement
  from it and send PS info back to the client.
@@ -1635,7 +1615,6 @@ int mysql_stmt_prepare(THD *thd, char *packet, uint packet_length,
  if (!error)
    error= send_prepare_results(stmt, test(name));
-  cleanup_stmt_for_execute(stmt);
  /* restore to WAIT_PRIOR: QUERY_PRIOR is set inside alloc_query */
  if (!(specialflag & SPECIAL_NO_PRIOR))
@@ -1926,7 +1905,6 @@ static void execute_stmt(THD *thd, Prepared_statement *stmt,
  reset_stmt_params(stmt);
  close_thread_tables(thd);                    // to close derived tables
  thd->set_statement(&thd->stmt_backup);
-  cleanup_stmt_for_execute(stmt);
  DBUG_VOID_RETURN;
 }