From b6248f76ed201d524ccc9b33cae2d961a0724c5e Mon Sep 17 00:00:00 2001
From: unknown <evgen@moonbone.local>
Date: Wed, 11 Oct 2006 19:44:12 +0400
Subject: [PATCH] Bug#22138: Unhandled NULL caused server crash

The Cached_item_decimal::cmp() method wasn't checking for null pointer
returned from the val_decimal() of the item being cached.
This leads to server crash.

The Cached_item_decimal::cmp() method now check for null values.


sql/item_buff.cc:
  Bug#22138: Unhandled NULL caused server crash
  The Cached_item_decimal::cmp() method now check for null values.
mysql-test/r/type_decimal.result:
  Added the test case for bug#22138: Unhandled NULL caused server crash
mysql-test/t/type_decimal.test:
  Added the test case for bug#22138: Unhandled NULL caused server crash
---
 mysql-test/r/type_decimal.result | 11 +++++++++++
 mysql-test/t/type_decimal.test   |  9 +++++++++
 sql/item_buff.cc                 | 12 +++++++++---
 3 files changed, 29 insertions(+), 3 deletions(-)

diff --git a/mysql-test/r/type_decimal.result b/mysql-test/r/type_decimal.result
index 8b2c08065e0..c9c42d18d68 100644
--- a/mysql-test/r/type_decimal.result
+++ b/mysql-test/r/type_decimal.result
@@ -779,3 +779,14 @@ select f1 from t1 where f1 in (select f1 from t1);
 f1
 40
 drop table t1;
+create table t1 as
+select from_days(s) as date,t
+from (select 1 as s,'t' as t union select null, null ) as sub1;
+select group_concat(t) from t1 group by week(date)/10;
+group_concat(t)
+t
+Warnings:
+Warning	1292	Truncated incorrect datetime value: '0000-00-00'
+Warning	1292	Truncated incorrect datetime value: '0000-00-00'
+Warning	1292	Truncated incorrect datetime value: '0000-00-00'
+drop table t1;
diff --git a/mysql-test/t/type_decimal.test b/mysql-test/t/type_decimal.test
index 441d750004e..4fdb0c8458f 100644
--- a/mysql-test/t/type_decimal.test
+++ b/mysql-test/t/type_decimal.test
@@ -385,3 +385,12 @@ insert into t1 values (40);
 flush tables;
 select f1 from t1 where f1 in (select f1 from t1);
 drop table t1;
+
+#
+# Bug#22183: Unhandled NULL caused server crash
+#
+create table t1 as
+ select from_days(s) as date,t
+ from (select 1 as s,'t' as t union select null, null ) as sub1;
+select group_concat(t) from t1 group by week(date)/10;
+drop table t1;
diff --git a/sql/item_buff.cc b/sql/item_buff.cc
index 1661f04a4ae..37f9ca7ce6c 100644
--- a/sql/item_buff.cc
+++ b/sql/item_buff.cc
@@ -132,11 +132,17 @@ bool Cached_item_decimal::cmp()
 {
   my_decimal tmp;
   my_decimal *ptmp= item->val_decimal(&tmp);
-  if (null_value != item->null_value || my_decimal_cmp(&value, ptmp))
+  if (null_value != item->null_value ||
+      (!item->null_value && my_decimal_cmp(&value, ptmp)))
   {
     null_value= item->null_value;
-    my_decimal2decimal(ptmp, &value);
-    return TRUE;
+    /* Save only not null values */
+    if (!null_value)
+    {
+      my_decimal2decimal(ptmp, &value);
+      return TRUE;
+    }
+    return FALSE;
   }
   return FALSE;
 }