• Gleb Shchepa's avatar
    Bug #37362: Crash in do_field_eq · 480fac61
    Gleb Shchepa authored
    EXPLAIN EXTENDED of nested query containing a error:
    
       1054 Unknown column '...' in 'field list'
    
    may cause a server crash.
    
    
    Parse error like described above forces a call to
    JOIN::destroy() on malformed subquery.
    That JOIN::destroy function closes and frees temporary
    tables. However, temporary fields of these tables
    may be listed in st_select_lex::group_list of outer
    query, and that st_select_lex may not cleanup them
    properly. So, after the JOIN::destroy call that
    st_select_lex::group_list may have Item_field
    objects with dangling pointers to freed temporary
    table Field objects. That caused a crash.
    480fac61
subselect3.result 29.8 KB