- 12 Dec, 2008 4 commits
-
-
Gleb Shchepa authored
-
Gleb Shchepa authored
IF(..., CAST(longtext AS UNSIGNED), signed_val) (was: LEFT JOIN on inline view crashes server) Select from a LONGTEXT column wrapped with an expression like "IF(..., CAST(longtext_column AS UNSIGNED), smth_signed)" failed an assertion or crashed the server. IFNULL function was affected too. LONGTEXT column item has a maximum length of 32^2-1 bytes, at the same time this is a maximum possible length of any MySQL item. CAST(longtext_column AS UNSIGNED) returns some unsigned numeric result of length 32^2-1, so the result of IF/IFNULL function of this number and some other signed number will have text length of (32^2-1)+1=32^2 (one byte for the minus sign) - there is integer overflow, and the length is equal to zero. That caused assert/crash. CAST AS UNSIGNED function has been modified to limit maximal length of resulting number to 67 (maximal length of DECIMAL and two characters for minus sign and dot). mysql-test/r/func_if.result: Added test case for bug #40761. mysql-test/t/func_if.test: Added test case for bug #40761. sql/item_func.h: Bug #40761: Assert on sum function on IF(..., CAST(longtext AS UNSIGNED), signed_val) CAST AS UNSIGNED function has been modified to limit maximal length of resulting number to 67 (maximal length of DECIMAL and two characters for minus sign and dot).
-
Gleb Shchepa authored
-
Gleb Shchepa authored
-
- 11 Dec, 2008 10 commits
-
-
Gleb Shchepa authored
-
Gleb Shchepa authored
IF(..., CAST(longtext AS UNSIGNED), signed_val) (was: LEFT JOIN on inline view crashes server) Select from a LONGTEXT column wrapped with an expression like "IF(..., CAST(longtext_column AS UNSIGNED), smth_signed)" failed an assertion or crashed the server. IFNULL function was affected too. LONGTEXT column item has a maximum length of 32^2-1 bytes, at the same time this is a maximum possible length of any MySQL item. CAST(longtext_column AS UNSIGNED) returns some unsigned numeric result of length 32^2-1, so the result of IF/IFNULL function of this number and some other signed number will have text length of (32^2-1)+1=32^2 (one byte for the minus sign) - there is integer overflow, and the length is equal to zero. That caused assert/crash. The bug has been fixed by the same solution as in the CASE function implementation. mysql-test/r/func_if.result: Added test case for bug #40761. mysql-test/t/func_if.test: Added test case for bug #40761. sql/item_cmpfunc.cc: Bug #40761: Assert on sum function on IF(..., CAST(longtext AS UNSIGNED), signed_val) 1. Item_func_case::agg_str_lengths method has been moved to the Item_func superclass. 2. Item_func_ifnull/Item_func_if::fix_length_and_dec methods have been updated to calculate max_length, decimals and unsigned flag like Item_func_case. sql/item_cmpfunc.h: Bug #40761: Assert on sum function on IF(..., CAST(longtext AS UNSIGNED), signed_val) Item_func_case::agg_str_lengths method has been moved to the Item_func superclass. sql/item_func.cc: Bug #40761: Assert on sum function on IF(..., CAST(longtext AS UNSIGNED), signed_val) Item_func_case::agg_str_lengths method has been moved to the Item_func superclass. sql/item_func.h: Bug #40761: Assert on sum function on IF(..., CAST(longtext AS UNSIGNED), signed_val) Item_func_case::agg_str_lengths method has been moved to the Item_func superclass.
-
Chad MILLER authored
-
Chad MILLER authored
-
Chad MILLER authored
Fix parsing of mysql client commands, especially in relation to single-line comments when --comments was specified. This is a little tricky, because we need to allow single-line comments in the middle of statements, but we don't want to allow client commands in the middle of statements. So in comment-preservation mode, we go ahead and send single-line comments to the server immediately when we encounter them on their own. This is still slightly flawed, in that it does not handle a single-line comment with leading spaces, followed by a client-side command when --comment has been enabled. But this isn't a new problem, and it is quite an edge condition. Fixing it would require a more extensive overall of how the mysql client parses commands.
-
Luis Soares authored
Merge from 5.0-bugteam. Additional fix for unused ret variable warning.
-
Luis Soares authored
BUG#38826
-
Sergey Glukhov authored
-
Sergey Glukhov authored
-
Sergey Glukhov authored
-
- 10 Dec, 2008 18 commits
-
-
Mattias Jonsson authored
mysql-test/t/partition_innodb_stmt.test: post push fix for test case for bug#39084. (must have partitioning...)
-
Patrick Crews authored
-
Alexey Kopytov authored
-
Alexey Kopytov authored
-
Alexey Kopytov authored
-
Sergey Glukhov authored
Added KEY_BLOCK_SIZE option to I_S.TABLES.CREATE_OPTIONS field mysql-test/r/information_schema.result: test result mysql-test/t/information_schema.test: test case sql/sql_show.cc: Added KEY_BLOCK_SIZE option to I_S.TABLES.CREATE_OPTIONS field
-
Sergey Glukhov authored
-
Sergey Glukhov authored
Bug#37671 crash on prepared statement + cursor + geometry + too many open files! if mysql_execute_command() returns error then free materialized_cursor object. is_rnd_inited is added to satisfy rnd_end() assertion (handler may be uninitialized in some cases) sql/sql_cursor.cc: if mysql_execute_command() returns error then free materialized_cursor object. is_rnd_inited is added to satisfy rnd_end() assertion (handler may be uninitialized in some cases) sql/sql_select.cc: added result check tests/mysql_client_test.c: test case
-
Alexey Kopytov authored
Removed values with more than 15 significant digits from the test case. Results of reading/printing such values using system library functions depend on implementation and thus are not portable. mysql-test/r/type_float.result: Removed values with more than 15 significant digits from the test case. mysql-test/t/type_float.test: Removed values with more than 15 significant digits from the test case.
-
Luis Soares authored
-
Luis Soares authored
-
V Narayanan authored
-
Mattias Jonsson authored
-
Alexander Barkov authored
Problem: XML syntax parser allowed to use quoted strings as attribute names, and tried to put them into parser state stack instead of identifiers. After that parser failed, if quoted string contained some slash characters. Fix: - Disallowing quoted strings in regular tags. - Allowing quoted string in DOCTYPE declararion, but don't push it into parse state stack (just skip it).
-
V Narayanan authored
-
V Narayanan authored
-
Mattias Jonsson authored
-
Mattias Jonsson authored
-
- 09 Dec, 2008 8 commits
-
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-
Patrick Crews authored
-
Georgi Kodinov authored
-
Georgi Kodinov authored
Field_varstring::store The code that temporary saved the bitmaps of the read set and the write set so that it can set it to all columns for debug purposes was not expecting that the table->read_set and table->write_set can be the same. And was always saving both in sequence. As a result the original value was never restored. Fixed by saving & restoring the original value only once if the two sets are the same (in a special set of functions). mysql-test/r/select.result: Bug #37936: test case mysql-test/t/select.test: Bug #37936: test case sql/item_cmpfunc.cc: Bug #37936: don't save/restore twice if the read and write sets are the same sql/opt_range.cc: Bug #37936: don't save/restore twice if the read and write sets are the same sql/table.h: Bug #37936: Make a designated set of functions that save/restore both the read and the write sets in a single call.
-
Patrick Crews authored
-
Horst Hunger authored
-
Patrick Crews authored
-