Commit 50c8cec3 authored by unknown's avatar unknown

Fix BUG#2259: Crash after fetch from not-open cursor in stored procedure

Initialize and test properly when cleaning up, to avoid crash in some error cases.


mysql-test/r/sp-error.result:
  Test case for BUG#2259
mysql-test/t/sp-error.test:
  Test case for BUG#2259
sql/sp_rcontext.cc:
  Cleanup in a more controlled way to avoid crashes in some error cases.
  Remove unused variable.
sql/sp_rcontext.h:
  Initialize member var, for cleanup tests.
parent 28f589db
......@@ -283,6 +283,15 @@ create table t3 (column_1 int)|
call bug1653()|
drop procedure bug1653|
drop table t3|
create procedure bug2259()
begin
declare v1 int;
declare c1 cursor for select s1 from t10;
fetch c1 into v1;
end|
call bug2259()|
ERROR 24000: Cursor is not open
drop procedure bug2259|
create procedure bug2272()
begin
declare v int;
......@@ -292,4 +301,5 @@ insert into t1 values (666, 51.3)|
call bug2272()|
ERROR 42S22: Unknown column 'v' in 'field list'
delete from t1|
drop procedure bug2272|
drop table t1|
......@@ -388,6 +388,23 @@ call bug1653()|
drop procedure bug1653|
drop table t3|
#
# BUG#2259
#
# Note: When this bug existed, it did not necessarily cause a crash
# in all builds, but valgrind did give warnings.
create procedure bug2259()
begin
declare v1 int;
declare c1 cursor for select s1 from t10;
fetch c1 into v1;
end|
--error 1310
call bug2259()|
drop procedure bug2259|
#
# BUG#2272
#
......@@ -402,6 +419,7 @@ insert into t1 values (666, 51.3)|
--error 1054
call bug2272()|
delete from t1|
drop procedure bug2272|
drop table t1|
......
......@@ -176,10 +176,13 @@ sp_cursor::close(THD *thd)
void
sp_cursor::destroy()
{
delete m_prot;
m_prot= NULL;
free_root(&m_mem_root, MYF(0));
bzero((char *)&m_mem_root, sizeof(m_mem_root));
if (m_prot)
{
delete m_prot;
m_prot= NULL;
free_root(&m_mem_root, MYF(0));
bzero((char *)&m_mem_root, sizeof(m_mem_root));
}
m_isopen= FALSE;
}
......@@ -190,14 +193,12 @@ sp_cursor::fetch(THD *thd, List<struct sp_pvar> *vars)
sp_pvar_t *pv;
MYSQL_ROW row;
uint fldcount;
MYSQL_FIELD *fields= m_prot->fields;
if (! m_isopen)
{
send_error(thd, ER_SP_CURSOR_NOT_OPEN);
return -1;
}
if (m_current_row == NULL)
{
send_error(thd, ER_SP_FETCH_NO_DATA);
......
......@@ -205,7 +205,7 @@ class sp_cursor : public Sql_alloc
public:
sp_cursor(LEX *lex)
: m_lex(lex), m_isopen(0), m_current_row(NULL)
: m_lex(lex), m_prot(NULL), m_isopen(0), m_current_row(NULL)
{
/* Empty */
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment