Commit cbfe9f05 authored by unknown's avatar unknown

Fix for bug#4105 "Server crash on attempt to prepare a statement with

character set introducer": add a new item type to be returned from
Item_param until its value is set.
This way items like Item_bool_func2 and udf_handler won't treat this item
as a constant literal when the statement is prepared.


mysql-test/r/ps.result:
  Test results fixed (test case for bug #4105)
mysql-test/t/ps.test:
  Followup to bug #4105: a test case.
sql/item.cc:
  Fix for bug#4105 "Server crash on attempt to prepare a statement with 
  character set introducer": add new item type to be returned before from 
  Item_param until it's value is set.
sql/item.h:
  Fix for bug#4105 "Server crash on attempt to prepare a statement with 
  character set introducer": add new item type to be returned before from 
  Item_param until it's value is set.
parent 25749c96
...@@ -113,3 +113,9 @@ execute stmt1 using @ivar; ...@@ -113,3 +113,9 @@ execute stmt1 using @ivar;
? ?
1234 1234
drop table t1,t2; drop table t1,t2;
PREPARE stmt1 FROM "select _utf8 'A' collate utf8_bin = ?";
set @var='A';
EXECUTE stmt1 USING @var;
_utf8 'A' collate utf8_bin = ?
1
DEALLOCATE PREPARE stmt1;
...@@ -116,4 +116,11 @@ prepare stmt1 from @str2; ...@@ -116,4 +116,11 @@ prepare stmt1 from @str2;
execute stmt1 using @ivar; execute stmt1 using @ivar;
drop table t1,t2; drop table t1,t2;
#
# Bug #4105: Server crash on attempt to prepare a statement with character
# set introducer
#
PREPARE stmt1 FROM "select _utf8 'A' collate utf8_bin = ?";
set @var='A';
EXECUTE stmt1 USING @var;
DEALLOCATE PREPARE stmt1;
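Review bot: The new case executes the statement only once, so it covers the crash at PREPARE but not a second execution, when Item_param::reset() has run and (per the comment added in item.cc) item_type is left at the previous literal type. Adding `set @var='B';` and a second `EXECUTE stmt1 USING @var;` before the DEALLOCATE, with the matching lines in ps.result, would pin that path as well.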
...@@ -628,7 +628,8 @@ default_set_param_func(Item_param *param, ...@@ -628,7 +628,8 @@ default_set_param_func(Item_param *param,
Item_param::Item_param(unsigned pos_in_query_arg) : Item_param::Item_param(unsigned pos_in_query_arg) :
state(NO_VALUE), state(NO_VALUE),
item_result_type(STRING_RESULT), item_result_type(STRING_RESULT),
item_type(STRING_ITEM), /* Don't pretend to be a literal unless value for this item is set. */
item_type(PARAM_ITEM),
param_type(MYSQL_TYPE_STRING), param_type(MYSQL_TYPE_STRING),
pos_in_query(pos_in_query_arg), pos_in_query(pos_in_query_arg),
set_param_func(default_set_param_func) set_param_func(default_set_param_func)
...@@ -827,6 +828,15 @@ void Item_param::reset() ...@@ -827,6 +828,15 @@ void Item_param::reset()
state= NO_VALUE; state= NO_VALUE;
maybe_null= 1; maybe_null= 1;
null_value= 0; null_value= 0;
/*
Don't reset item_type to PARAM_ITEM: it's only needed to guard
us from item optimizations at prepare stage, when item doesn't yet
contain a literal of some kind.
In all other cases when this object is accessed its value is
set (this assumption is guarded by 'state' and
DBUG_ASSERTS(state != NO_VALUE) in all Item_param::get_*
methods).
*/
} }
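Review bot: The comment added to Item_param::reset() rests its safety argument on `DBUG_ASSERT(state != NO_VALUE)` in the get_* methods, and those assertions are compiled out of non-debug builds, so nothing enforces the assumption in a production server. After reset() the object is back in state NO_VALUE but keeps the literal item_type from the previous execution, which is the combination this commit removes at construction; if any caller consults type() between reset() and the next value being set (not visible from this hunk), it will again treat the parameter as a constant literal. Consider either `item_type= PARAM_ITEM;` in reset() or naming in the comment the call order that rules that window out, since the original bug was a crash reachable by any client able to prepare a statement. reset() starts outside the hunk.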
......
...@@ -98,7 +98,8 @@ class Item { ...@@ -98,7 +98,8 @@ class Item {
COPY_STR_ITEM, FIELD_AVG_ITEM, DEFAULT_VALUE_ITEM, COPY_STR_ITEM, FIELD_AVG_ITEM, DEFAULT_VALUE_ITEM,
PROC_ITEM,COND_ITEM, REF_ITEM, FIELD_STD_ITEM, PROC_ITEM,COND_ITEM, REF_ITEM, FIELD_STD_ITEM,
FIELD_VARIANCE_ITEM, INSERT_VALUE_ITEM, FIELD_VARIANCE_ITEM, INSERT_VALUE_ITEM,
SUBSELECT_ITEM, ROW_ITEM, CACHE_ITEM, TYPE_HOLDER}; SUBSELECT_ITEM, ROW_ITEM, CACHE_ITEM, TYPE_HOLDER,
PARAM_ITEM};
enum cond_result { COND_UNDEF,COND_OK,COND_TRUE,COND_FALSE }; enum cond_result { COND_UNDEF,COND_OK,COND_TRUE,COND_FALSE };
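Review bot: `PARAM_ITEM` is appended to `Item::Type` without a comment, and its meaning is unusual for this enum: per the item.cc change it is a transient type that Item_param reports only until a value is set. A one-line comment next to the enumerator, for example `/* PARAM_ITEM: Item_param with no value set yet; must not be treated as a literal */`, would tell maintainers of code that branches on type() not to fold this value as a constant. The enum declaration starts outside the hunk.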
......