Bug#58022 ... like ... escape export_set ( ... ) crashes when export_set returns warnings
ESCAPE argument might be empty string. It leads to server crash under some circumstances. The fix: -added check if ESCAPE argument result is not empty string mysql-test/r/ctype_latin1.result: test case mysql-test/t/ctype_latin1.test: test case sql/item_cmpfunc.cc: -added check if ESCAPE argument result is not empty string
This commit is contained in:
parent
21bc09c26b
commit
1c94d43bbb
@ -409,3 +409,11 @@ select hex(cast(_ascii 0x7f as char(1) character set latin1));
|
|||||||
hex(cast(_ascii 0x7f as char(1) character set latin1))
|
hex(cast(_ascii 0x7f as char(1) character set latin1))
|
||||||
7F
|
7F
|
||||||
End of 5.0 tests
|
End of 5.0 tests
|
||||||
|
#
|
||||||
|
# Bug#58022 ... like ... escape export_set ( ... ) crashes when export_set returns warnings
|
||||||
|
#
|
||||||
|
SELECT '' LIKE '' ESCAPE EXPORT_SET(1, 1, 1, 1, '');
|
||||||
|
'' LIKE '' ESCAPE EXPORT_SET(1, 1, 1, 1, '')
|
||||||
|
1
|
||||||
|
Warnings:
|
||||||
|
Warning 1292 Truncated incorrect INTEGER value: ''
|
||||||
|
@ -127,3 +127,8 @@ DROP TABLE `abc
|
|||||||
select hex(cast(_ascii 0x7f as char(1) character set latin1));
|
select hex(cast(_ascii 0x7f as char(1) character set latin1));
|
||||||
|
|
||||||
--echo End of 5.0 tests
|
--echo End of 5.0 tests
|
||||||
|
|
||||||
|
--echo #
|
||||||
|
--echo # Bug#58022 ... like ... escape export_set ( ... ) crashes when export_set returns warnings
|
||||||
|
--echo #
|
||||||
|
SELECT '' LIKE '' ESCAPE EXPORT_SET(1, 1, 1, 1, '');
|
||||||
|
@ -4692,6 +4692,7 @@ bool Item_func_like::fix_fields(THD *thd, Item **ref)
|
|||||||
String *escape_str= escape_item->val_str(&cmp.value1);
|
String *escape_str= escape_item->val_str(&cmp.value1);
|
||||||
if (escape_str)
|
if (escape_str)
|
||||||
{
|
{
|
||||||
|
const char *escape_str_ptr= escape_str->ptr();
|
||||||
if (escape_used_in_parsing && (
|
if (escape_used_in_parsing && (
|
||||||
(((thd->variables.sql_mode & MODE_NO_BACKSLASH_ESCAPES) &&
|
(((thd->variables.sql_mode & MODE_NO_BACKSLASH_ESCAPES) &&
|
||||||
escape_str->numchars() != 1) ||
|
escape_str->numchars() != 1) ||
|
||||||
@ -4706,9 +4707,9 @@ bool Item_func_like::fix_fields(THD *thd, Item **ref)
|
|||||||
CHARSET_INFO *cs= escape_str->charset();
|
CHARSET_INFO *cs= escape_str->charset();
|
||||||
my_wc_t wc;
|
my_wc_t wc;
|
||||||
int rc= cs->cset->mb_wc(cs, &wc,
|
int rc= cs->cset->mb_wc(cs, &wc,
|
||||||
(const uchar*) escape_str->ptr(),
|
(const uchar*) escape_str_ptr,
|
||||||
(const uchar*) escape_str->ptr() +
|
(const uchar*) escape_str_ptr +
|
||||||
escape_str->length());
|
escape_str->length());
|
||||||
escape= (int) (rc > 0 ? wc : '\\');
|
escape= (int) (rc > 0 ? wc : '\\');
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -4725,13 +4726,13 @@ bool Item_func_like::fix_fields(THD *thd, Item **ref)
|
|||||||
{
|
{
|
||||||
char ch;
|
char ch;
|
||||||
uint errors;
|
uint errors;
|
||||||
uint32 cnvlen= copy_and_convert(&ch, 1, cs, escape_str->ptr(),
|
uint32 cnvlen= copy_and_convert(&ch, 1, cs, escape_str_ptr,
|
||||||
escape_str->length(),
|
escape_str->length(),
|
||||||
escape_str->charset(), &errors);
|
escape_str->charset(), &errors);
|
||||||
escape= cnvlen ? ch : '\\';
|
escape= cnvlen ? ch : '\\';
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
escape= *(escape_str->ptr());
|
escape= escape_str_ptr ? *escape_str_ptr : '\\';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
Loading…
x
Reference in New Issue
Block a user