diff --git a/mysql-test/r/xml.result b/mysql-test/r/xml.result
index af4cf8efedd..f5cf30e865b 100644
--- a/mysql-test/r/xml.result
+++ b/mysql-test/r/xml.result
@@ -1101,3 +1101,16 @@ ERROR 22007: Illegal double '111111111111111111111111111111111111111111111111111
 SELECT EXTRACTVALUE('', LPAD(0.1111E-15, '2011', 1));
 ERROR 22007: Illegal double '111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111' value found during parsing
 End of 5.1 tests
+#
+# Start of 5.5 tests
+#
+#
+# Bug#58175 xml functions read initialized bytes when conversions happen
+#
+SET NAMES latin1;
+SELECT UPDATEXML(CONVERT('' USING swe7), TRUNCATE('',1), 0);
+UPDATEXML(CONVERT('' USING swe7), TRUNCATE('',1), 0)
+NULL
+#
+# End of 5.5 tests
+#
diff --git a/mysql-test/t/xml.test b/mysql-test/t/xml.test
index e9f137adf1b..4d5c5e1a91e 100644
--- a/mysql-test/t/xml.test
+++ b/mysql-test/t/xml.test
@@ -628,3 +628,18 @@ SELECT EXTRACTVALUE('', LPAD(0.1111E-15, '2011', 1));
 
 
 --echo End of 5.1 tests
+
+
+--echo #
+--echo # Start of 5.5 tests
+--echo #
+
+--echo #
+--echo # Bug#58175 xml functions read initialized bytes when conversions happen
+--echo #
+SET NAMES latin1;
+SELECT UPDATEXML(CONVERT('' USING swe7), TRUNCATE('',1), 0);
+
+--echo #
+--echo # End of 5.5 tests
+--echo #
diff --git a/sql/item.cc b/sql/item.cc
index 5433693b513..e14c3c95934 100644
--- a/sql/item.cc
+++ b/sql/item.cc
@@ -5527,10 +5527,27 @@ static uint nr_of_decimals(const char *str, const char *end)
       break;
   }
   decimal_point= str;
-  for (; my_isdigit(system_charset_info, *str) ; str++)
+  for ( ; str < end && my_isdigit(system_charset_info, *str) ; str++)
     ;
-  if (*str == 'e' || *str == 'E')
+  if (str < end && (*str == 'e' || *str == 'E'))
     return NOT_FIXED_DEC;
+  /*
+    QQ:
+    The number of decimal digist in fact should be (str - decimal_point - 1).
+    But it seems the result of nr_of_decimals() is never used!
+
+    In case of 'e' and 'E' nr_of_decimals returns NOT_FIXED_DEC.
+    In case if there is no 'e' or 'E' parser code in sql_yacc.yy
+    never calls Item_float::Item_float() - it creates Item_decimal instead.
+
+    The only piece of code where we call Item_float::Item_float(str, len)
+    without having 'e' or 'E' is item_xmlfunc.cc, but this Item_float
+    never appears in metadata itself. Changing the code to return
+    (str - decimal_point - 1) does not make any changes in the test results.
+
+    This should be addressed somehow.
+    Looks like a reminder from before real DECIMAL times.
+  */
   return (uint) (str - decimal_point);
 }