From 0406b2a4ed11fd32532eadcc2d78f936b137f0cd Mon Sep 17 00:00:00 2001
From: Rucha Deodhar <rucha.deodhar@mariadb.com>
Date: Wed, 15 May 2024 17:06:20 +0530
Subject: [PATCH] MDEV-34143: Server crashes when executing JSON_EXTRACT after
 setting non-default collation_connection

Analysis:
Due to different collation, the string has nothing to chop off.

Fix:
Got rid of chop(), only append " ," only when we have more elements to
add to the result.
---
 mysql-test/main/func_json.result | 11 +++++++++++
 mysql-test/main/func_json.test   | 12 ++++++++++++
 sql/item_jsonfunc.cc             | 20 +++++++++++---------
 3 files changed, 34 insertions(+), 9 deletions(-)

diff --git a/mysql-test/main/func_json.result b/mysql-test/main/func_json.result
index 591e8813a0f..50861c4f7cb 100644
--- a/mysql-test/main/func_json.result
+++ b/mysql-test/main/func_json.result
@@ -1717,5 +1717,16 @@ SELECT JSON_REMOVE('{"A": { "B": 1 }}', '$.A.B.C.D');
 JSON_REMOVE('{"A": { "B": 1 }}', '$.A.B.C.D')
 {"A": {"B": 1}}
 #
+# MDEV-34143: Server crashes when executing JSON_EXTRACT after setting non-default collation_connection
+#
+SET @save_collation_connection= @@collation_connection;
+SET collation_connection='utf16_bin';
+SELECT JSON_EXTRACT('{"a": 1,"b": 2}','$.a');
+JSON_EXTRACT('{"a": 1,"b": 2}','$.a')
+NULL
+Warnings:
+Warning	4036	Character disallowed in JSON in argument 1 to function 'json_extract' at position 2
+SET @@collation_connection= @save_collation_connection;
+#
 # End of 10.5 tests
 #
diff --git a/mysql-test/main/func_json.test b/mysql-test/main/func_json.test
index 9f08c30f7cf..9abdded34d2 100644
--- a/mysql-test/main/func_json.test
+++ b/mysql-test/main/func_json.test
@@ -1147,6 +1147,18 @@ SELECT JSON_TYPE(json_value(JSON_OBJECT("id", 1, "name", 'Monty', "date", Cast('
 SELECT JSON_REMOVE('{"A": { "B": 1 }}', '$.A.B.C.D');
 
 
+
+--echo #
+--echo # MDEV-34143: Server crashes when executing JSON_EXTRACT after setting non-default collation_connection
+--echo #
+
+SET @save_collation_connection= @@collation_connection;
+
+SET collation_connection='utf16_bin';
+SELECT JSON_EXTRACT('{"a": 1,"b": 2}','$.a');
+
+SET @@collation_connection= @save_collation_connection;
+
 --echo #
 --echo # End of 10.5 tests
 --echo #
diff --git a/sql/item_jsonfunc.cc b/sql/item_jsonfunc.cc
index 442c4cbed90..f4cf9022ba9 100644
--- a/sql/item_jsonfunc.cc
+++ b/sql/item_jsonfunc.cc
@@ -1003,11 +1003,18 @@ String *Item_func_json_extract::read_json(String *str,
         je= sav_je;
     }
 
-    for (int count= 0; count < count_path; count++)
+    if ((not_first_value && str->append(", ", 2)))
+      goto error;
+    while(count_path)
     {
-      if (str->append((const char *) value, v_len) ||
-          str->append(", ", 2))
-        goto error; /* Out of memory. */
+      if (str->append((const char *) value, v_len))
+        goto error;
+      count_path--;
+      if (count_path)
+      {
+        if (str->append(", ", 2))
+          goto error;
+      }
     }
 
     not_first_value= 1;
@@ -1029,11 +1036,6 @@ String *Item_func_json_extract::read_json(String *str,
     goto return_null;
   }
 
-  if (str->length()>2)
-  {
-    str->chop();
-    str->chop();
-  }
   if (possible_multiple_values && str->append("]", 1))
     goto error; /* Out of memory. */