1berry/MariaDB-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bug#21913: DATE_FORMAT() Crashes mysql server if I use it through mysql-connector-j driver.

Browse Source 
Variable character_set_results can legally be NULL (for "no conversion.")
This could result in a NULL deref that crashed the server.  Fixed.

(Although ran some additional precursory tests to see whether I could break
anything else, but no breakage so far.)


mysql-test/r/func_time.result:
  Bug#21913: DATE_FORMAT() Crashes mysql server if I use it through mysql-connector-j driver.
  
  Prove DATE_FORMAT() no longer crashes the server when character_set_results is
  NULL (which is a legal value and means, "no conversion").
mysql-test/t/func_time.test:
  Bug#21913: DATE_FORMAT() Crashes mysql server if I use it through mysql-connector-j driver.
  
  Prove DATE_FORMAT() no longer crashes the server when character_set_results is
  NULL (which is a legal value and means, "no conversion").
sql/sql_string.cc:
  Bug#21913: DATE_FORMAT() Crashes mysql server if I use it through mysql-connector-j driver.
  
  Avoid NULL deref in my_charset_same() -- if !to_cs, we won't need to compare
  because it is magic for, "no conversion."
This commit is contained in:
unknown 2006-09-04 06:16:34 +02:00
parent 76f65b3fb3
commit 617189958b
3 changed files with 36 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
mysql-test/r/func_time.result
View File

@ -688,3 +688,15 @@ t1 CREATE TABLE `t1` (
`from_unixtime(1) + 0` double(23,6) default NULL `from_unixtime(1) + 0` double(23,6) default NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1 ) ENGINE=MyISAM DEFAULT CHARSET=latin1
drop table t1; drop table t1;
SET NAMES latin1;
SET character_set_results = NULL;
SHOW VARIABLES LIKE 'character_set_results';
Variable_name Value
character_set_results
CREATE TABLE testBug8868 (field1 DATE, field2 VARCHAR(32) CHARACTER SET BINARY);
INSERT INTO testBug8868 VALUES ('2006-09-04', 'abcd');
SELECT DATE_FORMAT(field1,'%b-%e %l:%i%p') as fmtddate, field2 FROM testBug8868;
fmtddate field2
Sep-4 12:00AM abcd
DROP TABLE testBug8868;
SET NAMES DEFAULT;

18
mysql-test/t/func_time.test
View File

@ -358,4 +358,22 @@ create table t1 select now() - now(), curtime() - curtime(),
show create table t1; show create table t1;
drop table t1; drop table t1;
#
# 21913: DATE_FORMAT() Crashes mysql server if I use it through
# mysql-connector-j driver.
#
SET NAMES latin1;
SET character_set_results = NULL;
SHOW VARIABLES LIKE 'character_set_results';
CREATE TABLE testBug8868 (field1 DATE, field2 VARCHAR(32) CHARACTER SET BINARY);
INSERT INTO testBug8868 VALUES ('2006-09-04', 'abcd');
SELECT DATE_FORMAT(field1,'%b-%e %l:%i%p') as fmtddate, field2 FROM testBug8868;
DROP TABLE testBug8868;
SET NAMES DEFAULT;
# End of 4.1 tests # End of 4.1 tests

7
sql/sql_string.cc
View File

@ -248,6 +248,10 @@ bool String::copy(const char *str,uint32 arg_length, CHARSET_INFO *cs)
0 No conversion needed 0 No conversion needed
1 Either character set conversion or adding leading zeros 1 Either character set conversion or adding leading zeros
(e.g. for UCS-2) must be done (e.g. for UCS-2) must be done
NOTE
to_cs may be NULL for "no conversion" if the system variable
character_set_results is NULL.
*/ */
bool String::needs_conversion(uint32 arg_length, bool String::needs_conversion(uint32 arg_length,
@ -256,7 +260,8 @@ bool String::needs_conversion(uint32 arg_length,
uint32 *offset) uint32 *offset)
{ {
*offset= 0; *offset= 0;
if ((to_cs == &my_charset_bin) || if (!to_cs ||
(to_cs == &my_charset_bin) ||
(to_cs == from_cs) || (to_cs == from_cs) ||
my_charset_same(from_cs, to_cs) || my_charset_same(from_cs, to_cs) ||
((from_cs == &my_charset_bin) && ((from_cs == &my_charset_bin) &&