From 5e5feb84b6211f6fe9bbed767512b7b944f59ec9 Mon Sep 17 00:00:00 2001
From: Sergei Golubchik <serg@mariadb.org>
Date: Fri, 28 Jan 2022 16:53:26 +0100
Subject: [PATCH] MDEV-11241 Certain combining marks cause MariaDB to crash
 when doing Full-Text searches

fix it for Aria too
---
 mysql-test/suite/maria/fulltext2.result | 7 +++++++
 mysql-test/suite/maria/fulltext2.test   | 9 +++++++++
 storage/maria/ma_ft_boolean_search.c    | 6 +-----
 3 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/mysql-test/suite/maria/fulltext2.result b/mysql-test/suite/maria/fulltext2.result
index 1e4e6636ef6..6cffc5cf404 100644
--- a/mysql-test/suite/maria/fulltext2.result
+++ b/mysql-test/suite/maria/fulltext2.result
@@ -84,3 +84,10 @@ select count(*) from t1 where match a against ('aaayyy' in boolean mode);
 count(*)
 0
 drop table t1;
+set names utf8mb4;
+create table t1 (a int, b text, fulltext (b)) charset=utf8mb4 collate=utf8mb4_unicode_ci engine=aria;
+insert t1 values (1000, 'C͓̙̯͔̩ͅͅi̩̘̜̲a̯̲̬̳̜̖̤o͕͓̜͓̺̖̗,̠̬͚ ̺T͇̲h͈̱e ̬̜D̖o̦̖͔̗͖̩̘c̣̼t̝͉̫̮̗o͉̫̭r̙͎̗.͓̪̥');
+select a from t1 where match(b) against ('ciao' in boolean mode);
+a
+1000
+drop table t1;
diff --git a/mysql-test/suite/maria/fulltext2.test b/mysql-test/suite/maria/fulltext2.test
index 060b748eb4f..7bfbe600ff7 100644
--- a/mysql-test/suite/maria/fulltext2.test
+++ b/mysql-test/suite/maria/fulltext2.test
@@ -75,3 +75,12 @@ select count(*) from t1 where match a against ('aaaxxx' in boolean mode);
 select count(*) from t1 where match a against ('aaayyy' in boolean mode);
 
 drop table t1;
+
+#
+# MDEV-11241 Certain combining marks cause MariaDB to crash when doing Full-Text searches
+#
+set names utf8mb4;
+create table t1 (a int, b text, fulltext (b)) charset=utf8mb4 collate=utf8mb4_unicode_ci engine=aria;
+insert t1 values (1000, 'C͓̙̯͔̩ͅͅi̩̘̜̲a̯̲̬̳̜̖̤o͕͓̜͓̺̖̗,̠̬͚ ̺T͇̲h͈̱e ̬̜D̖o̦̖͔̗͖̩̘c̣̼t̝͉̫̮̗o͉̫̭r̙͎̗.͓̪̥');
+select a from t1 where match(b) against ('ciao' in boolean mode);
+drop table t1;
diff --git a/storage/maria/ma_ft_boolean_search.c b/storage/maria/ma_ft_boolean_search.c
index 2f0fba9a0ad..fec9266a760 100644
--- a/storage/maria/ma_ft_boolean_search.c
+++ b/storage/maria/ma_ft_boolean_search.c
@@ -195,11 +195,7 @@ static int ftb_query_add_word(MYSQL_FTPARSER_PARAM *param,
   switch (info->type) {
     case FT_TOKEN_WORD:
       ftbw= (FTB_WORD *)alloc_root(&ftb_param->ftb->mem_root,
-                                   sizeof(FTB_WORD) +
-                                   (info->trunc ? MARIA_MAX_KEY_BUFF :
-                                    word_len * ftb_param->ftb->charset->mbmaxlen +
-                                    HA_FT_WLEN +
-                                    ftb_param->ftb->info->s->rec_reflength));
+                                   sizeof(FTB_WORD) + HA_MAX_KEY_BUFF);
       ftbw->len= word_len + 1;
       ftbw->flags= 0;
       ftbw->off= 0;