From 0248fb2e8a3c6a02f443140cfcf68a0190354e23 Mon Sep 17 00:00:00 2001 From: Chaithra Gopalareddy Date: Thu, 18 Aug 2016 09:56:48 +0530 Subject: [PATCH] Bug #23135667: CRASH AFTER DEEPLY NESTED BUILD_EQUAL_ITEMS_FOR_COND Problem: When build_equal_items_for_cond gets called for a big query recursively, the specified thread_stack_size exceeds. But optimizer does not handle this condition. As a result, server exits. Solution: Check if we exceed specified stack size and if yes exit gracefully by throwing an error. --- sql/sql_select.cc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sql/sql_select.cc b/sql/sql_select.cc index fb705e9ba6a..80d4b87e916 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -8154,6 +8154,9 @@ static COND *build_equal_items_for_cond(THD *thd, COND *cond, COND_EQUAL cond_equal; cond_equal.upper_levels= inherited; + if (check_stack_overrun(thd, STACK_MIN_SIZE, NULL)) + return cond; // Fatal error flag is set! + if (cond->type() == Item::COND_ITEM) { List eq_list;
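Review bot: the early `return cond;` added after `check_stack_overrun(thd, STACK_MIN_SIZE, NULL)` in build_equal_items_for_cond hands back the unmodified condition, so a caller cannot tell a stack overrun from a normal result by the return value alone. The only signal is the error state the comment refers to ("Fatal error flag is set!"). Because the function is recursive, every level of the recursion and the outermost caller will keep working with the partially processed tree unless they check that state. Please confirm that the callers do so before continuing optimization, and state the contract in the function's header comment. The diffstat shows only sql/sql_select.cc changed (3 insertions), so a regression test that drives a deeply nested condition into this error path and asserts that the statement fails with an error instead of the server exiting would be worth adding to the patch.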