• Praveenkumar Hulakund's avatar
    BUG#13868860 - LIMIT '5' IS EXECUTED WITHOUT ERROR WHEN '5' · 5887cff7
    Praveenkumar Hulakund authored
                   IS PLACE HOLDER AND USE SERVER-SIDE 
    
    Analysis:
    LIMIT always takes nonnegative integer constant values. 
    
    http://dev.mysql.com/doc/refman/5.6/en/select.html
    
    So parsing of value '5' for LIMIT in SELECT fails.
    
    But, within prepared statement, LIMIT parameters can be
    specified using '?' markers. Value for the parameter can
    be supplied while executing the prepared statement.
    
    Passing string values, float or double value for LIMIT
    works well from CLI. Because, while setting the value
    for the parameters from the variable list (added using
    SET), if the value is for parameter LIMIT then its 
    converted to integer value. 
    
    But, when prepared statement is executed from the other
    interfaces as J connectors, or C applications etc.
    The value for the parameters are sent to the server
    with execute command. Each item in log has value and
    the data TYPE. So, While setting parameter value
    from this log, value is set to all the parameters
    with the same data type as passed.
    But here logic to convert value to integer type
    if its for LIMIT parameter is missing.
    Because of this,string '5' is set to LIMIT.
    And the same is logged into the binlog file too. 
    
    Fix:
    When executing prepared statement having parameter for
    CLI it worked fine, as the value set for the parameter
    is converted to integer. And this failed in other 
    interfaces as J connector,C Applications etc as this 
    conversion is missing.
    
    So, as a fix added check while setting value for the
    parameters. If the parameter is for LIMIT value then
    its converted to integer value.
    5887cff7
sql_prepare.cc 106 KB