From ac55fc7adb32a1766aae6953895e4ffe7d99474b Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 26 May 2005 14:02:18 -0500 Subject: [PATCH 01/11] Bug #10181 mysqld.exe crash with an access violation after INSERT INTO mysql.host sql_acl.cc: Make sure host.db is a valid string pointer before we do our lower_case_table_names comparison sql/sql_acl.cc: Make sure host.db is a valid string pointer before we do our lower_case_table_names comparison --- sql/sql_acl.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 02da05d195f..ae360fab019 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -198,7 +198,7 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) ACL_HOST host; update_hostname(&host.host,get_field(&mem, table->field[0])); host.db= get_field(&mem, table->field[1]); - if (lower_case_table_names) + if (lower_case_table_names && host.db) { /* We make a temporary copy of the database, force it to lower case, From c744e2747933de77f062b8e44320627dd8d32080 Mon Sep 17 00:00:00 2001 From: unknown Date: Tue, 31 May 2005 07:21:10 -0500 Subject: [PATCH 02/11] BUG# 10181-mysqld.exe crash with an access vioation after INSERT INTO mysql.host this is a followup cset after changes suggested by Serg. sql/sql_acl.cc: removed extra parameters used in sql_print_warning added code to output "" when host.db is null in the top sql_print_warning call --- sql/sql_acl.cc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index ae360fab019..c7a16c96d69 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -222,7 +222,7 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) { sql_print_warning("'host' entry '%s|%s' " "ignored in --skip-name-resolve mode.", - host.host.hostname, host.db, host.host.hostname); + host.host.hostname, host.db?host.db:""); continue; } #ifndef TO_BE_REMOVED @@ -290,7 +290,7 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) { sql_print_warning("'user' entry '%s@%s' " "ignored in --skip-name-resolve mode.", - user.user, user.host.hostname, user.host.hostname); + user.user, user.host.hostname); continue; } @@ -393,7 +393,7 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) { sql_print_warning("'db' entry '%s %s@%s' " "ignored in --skip-name-resolve mode.", - db.db, db.user, db.host.hostname, db.host.hostname); + db.db, db.user, db.host.hostname); continue; } db.access=get_access(table,3); @@ -2690,7 +2690,7 @@ my_bool grant_init(THD *org_thd) sql_print_warning("'tables_priv' entry '%s %s@%s' " "ignored in --skip-name-resolve mode.", mem_check->tname, mem_check->user, - mem_check->host, mem_check->host); + mem_check->host); continue; } } From f956ecd09a4897b5f7e65a0441445a52406a3a8a Mon Sep 17 00:00:00 2001 From: unknown Date: Fri, 3 Jun 2005 17:13:43 +0200 Subject: [PATCH 03/11] Bug #10901 Analyze table corrupts the state on data_file_length, records, index_file_length... by writing the shared state when there is an updated internal state due to inserts or deletes Fixed by synching the shared state with the internal state before writing it to disk Added test cases of 2 error cases and a normal case in new analyze test case BitKeeper/etc/logging_ok: Logging to logging@openlogging.org accepted --- BitKeeper/etc/logging_ok | 1 + myisam/mi_check.c | 6 ++++++ mysql-test/r/analyze.result | 32 ++++++++++++++++++++++++++++++ mysql-test/t/analyze.test | 39 +++++++++++++++++++++++++++++++++++++ 4 files changed, 78 insertions(+) create mode 100644 mysql-test/r/analyze.result create mode 100644 mysql-test/t/analyze.test diff --git a/BitKeeper/etc/logging_ok b/BitKeeper/etc/logging_ok index 499e3cdd4f5..f20e8ebc953 100644 --- a/BitKeeper/etc/logging_ok +++ b/BitKeeper/etc/logging_ok @@ -104,6 +104,7 @@ monty@tik. monty@tik.mysql.fi monty@tramp.mysql.fi monty@work.mysql.com +mronstrom@mysql.com mwagner@cash.mwagner.org mwagner@evoq.mwagner.org mwagner@here.mwagner.org diff --git a/myisam/mi_check.c b/myisam/mi_check.c index e78d831fde7..16946adb3e8 100644 --- a/myisam/mi_check.c +++ b/myisam/mi_check.c @@ -3623,6 +3623,12 @@ int update_state_info(MI_CHECK *param, MI_INFO *info,uint update) if (!share->state.create_time) share->state.create_time=share->state.check_time; } + /* + When tables are locked we haven't synched the share state and the + real state for a while so we better do it here before synching + the share state to disk. + */ + share->state.state= *info->state; if (mi_state_info_write(share->kfile,&share->state,1+2)) goto err; share->changed=0; diff --git a/mysql-test/r/analyze.result b/mysql-test/r/analyze.result new file mode 100644 index 00000000000..0b44a502b13 --- /dev/null +++ b/mysql-test/r/analyze.result @@ -0,0 +1,32 @@ +create table t1 (a bigint); +lock tables t1 write; +insert into t1 values(0); +analyze table t1; +Table Op Msg_type Msg_text +test.t1 analyze status OK +unlock tables; +check table t1; +Table Op Msg_type Msg_text +test.t1 check status OK +drop table t1; +create table t1 (a bigint); +insert into t1 values(0); +lock tables t1 write; +delete from t1; +analyze table t1; +Table Op Msg_type Msg_text +test.t1 analyze status OK +unlock tables; +check table t1; +Table Op Msg_type Msg_text +test.t1 check status OK +drop table t1; +create table t1 (a bigint); +insert into t1 values(0); +analyze table t1; +Table Op Msg_type Msg_text +test.t1 analyze status OK +check table t1; +Table Op Msg_type Msg_text +test.t1 check status OK +drop table t1; diff --git a/mysql-test/t/analyze.test b/mysql-test/t/analyze.test new file mode 100644 index 00000000000..faf30279c68 --- /dev/null +++ b/mysql-test/t/analyze.test @@ -0,0 +1,39 @@ +# +# Bug #10901 Analyze Table on new table destroys table +# This is minimal test case to get error +# The problem was that analyze table wrote the shared state to the file and this +# didn't include the inserts while locked. A check was needed to ensure that +# state information was not updated when executing analyze table for a locked table. +# The analyze table had to be within locks and check table had to be after unlocking +# since then it brings the wrong state from disk rather than from the currently +# correct internal state. The insert is needed since it changes the file state, +# number of records. +# The fix is to synchronise the state of the shared state and the current state before +# calling mi_state_info_write +# +create table t1 (a bigint); +lock tables t1 write; +insert into t1 values(0); +analyze table t1; +unlock tables; +check table t1; + +drop table t1; + +create table t1 (a bigint); +insert into t1 values(0); +lock tables t1 write; +delete from t1; +analyze table t1; +unlock tables; +check table t1; + +drop table t1; + +create table t1 (a bigint); +insert into t1 values(0); +analyze table t1; +check table t1; + +drop table t1; + From 26bd158216e600c5f7ec7eaec9007fa761ea5195 Mon Sep 17 00:00:00 2001 From: unknown Date: Fri, 3 Jun 2005 22:52:24 +0200 Subject: [PATCH 04/11] Bug #10901 After review fix Copy from internal state to share state only when in lock write mode (happens only when lock table x write has been performed since update_state_info is only called when holding a TL_READ_NO_INSERT lock normally. Previous patch would have failed in combination with delayed writes. --- myisam/mi_check.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/myisam/mi_check.c b/myisam/mi_check.c index 16946adb3e8..a7c3d2a6f7e 100644 --- a/myisam/mi_check.c +++ b/myisam/mi_check.c @@ -3626,9 +3626,11 @@ int update_state_info(MI_CHECK *param, MI_INFO *info,uint update) /* When tables are locked we haven't synched the share state and the real state for a while so we better do it here before synching - the share state to disk. + the share state to disk. Only when table is write locked is it + necessary to perform this synch. */ - share->state.state= *info->state; + if (info->lock_type == F_WRLCK) + share->state.state= *info->state; if (mi_state_info_write(share->kfile,&share->state,1+2)) goto err; share->changed=0; From 575a46a1efe314b69c392482637af17c97c046e0 Mon Sep 17 00:00:00 2001 From: unknown Date: Tue, 7 Jun 2005 22:43:25 +0200 Subject: [PATCH 05/11] bug#5373: handler READ NEXT w/o HANDLER READ [FIRST] check table->file->inited to catch incorrect calling sequence. mysql-test/r/innodb_handler.result: bug#5373: handler READ NEXT w/o HANDLER READ [FIRST] mysql-test/t/innodb_handler.test: bug#5373: handler READ NEXT w/o HANDLER READ [FIRST] sql/sql_handler.cc: cleanup: call index_init *correctly*, not every time. check table->file->inited to catch incorrect calling sequence. --- mysql-test/r/innodb_handler.result | 16 +++++++++++ mysql-test/t/innodb_handler.test | 10 +++++++ sql/sql_handler.cc | 46 +++++++++++++++++++----------- 3 files changed, 55 insertions(+), 17 deletions(-) diff --git a/mysql-test/r/innodb_handler.result b/mysql-test/r/innodb_handler.result index 7f4960ffa35..7e853a55e37 100644 --- a/mysql-test/r/innodb_handler.result +++ b/mysql-test/r/innodb_handler.result @@ -132,6 +132,22 @@ a b handler t2 read last; ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 handler t2 close; +handler t1 open; +handler t1 read a next; +a b +14 aaa +handler t1 read a next; +a b +15 bbb +handler t1 close; +handler t1 open; +handler t1 read a prev; +a b +22 iii +handler t1 read a prev; +a b +21 hhh +handler t1 close; handler t1 open as t2; handler t2 read first; a b diff --git a/mysql-test/t/innodb_handler.test b/mysql-test/t/innodb_handler.test index e8c486caf66..65728519e7b 100644 --- a/mysql-test/t/innodb_handler.test +++ b/mysql-test/t/innodb_handler.test @@ -69,6 +69,16 @@ handler t2 read next; handler t2 read last; handler t2 close; +handler t1 open; +handler t1 read a next; # this used to crash as a bug#5373 +handler t1 read a next; +handler t1 close; + +handler t1 open; +handler t1 read a prev; # this used to crash as a bug#5373 +handler t1 read a prev; +handler t1 close; + handler t1 open as t2; handler t2 read first; alter table t1 engine=innodb; diff --git a/sql/sql_handler.cc b/sql/sql_handler.cc index aa791276404..491b82c1c1d 100644 --- a/sql/sql_handler.cc +++ b/sql/sql_handler.cc @@ -429,12 +429,10 @@ int mysql_ha_read(THD *thd, TABLE_LIST *tables, } tables->table=table; - if (cond && ((!cond->fixed && + if (cond && ((!cond->fixed && cond->fix_fields(thd, tables, &cond)) || cond->check_cols(1))) goto err0; - table->file->init_table_handle_for_HANDLER(); // Only InnoDB requires it - if (keyname) { if ((keyno=find_type(keyname, &table->keynames, 1+2)-1)<0) @@ -443,8 +441,6 @@ int mysql_ha_read(THD *thd, TABLE_LIST *tables, keyname,tables->alias); goto err0; } - table->file->ha_index_or_rnd_end(); - table->file->ha_index_init(keyno); } if (insert_fields(thd,tables,tables->db,tables->alias,&it)) @@ -471,9 +467,22 @@ int mysql_ha_read(THD *thd, TABLE_LIST *tables, for (num_rows=0; num_rows < select_limit; ) { switch (mode) { + case RNEXT: + if (table->file->inited != handler::NONE) + { + err=keyname ? + table->file->index_next(table->record[0]) : + table->file->rnd_next(table->record[0]); + break; + } + /* else fall through */ case RFIRST: if (keyname) + { + table->file->ha_index_or_rnd_end(); + table->file->ha_index_init(keyno); err=table->file->index_first(table->record[0]); + } else { table->file->ha_index_or_rnd_end(); @@ -482,19 +491,20 @@ int mysql_ha_read(THD *thd, TABLE_LIST *tables, } mode=RNEXT; break; - case RLAST: - DBUG_ASSERT(keyname != 0); - err=table->file->index_last(table->record[0]); - mode=RPREV; - break; - case RNEXT: - err=keyname ? - table->file->index_next(table->record[0]) : - table->file->rnd_next(table->record[0]); - break; case RPREV: DBUG_ASSERT(keyname != 0); - err=table->file->index_prev(table->record[0]); + if (table->file->inited != handler::NONE) + { + err=table->file->index_prev(table->record[0]); + break; + } + /* else fall through */ + case RLAST: + DBUG_ASSERT(keyname != 0); + table->file->ha_index_or_rnd_end(); + table->file->ha_index_init(keyno); + err=table->file->index_last(table->record[0]); + mode=RPREV; break; case RNEXT_SAME: /* Continue scan on "(keypart1,keypart2,...)=(c1, c2, ...) */ @@ -517,7 +527,7 @@ int mysql_ha_read(THD *thd, TABLE_LIST *tables, for (key_len=0 ; (item=it_ke++) ; key_part++) { // 'item' can be changed by fix_fields() call - if ((!item->fixed && + if ((!item->fixed && item->fix_fields(thd, tables, it_ke.ref())) || (item= *it_ke.ref())->check_cols(1)) goto err; @@ -535,6 +545,8 @@ int mysql_ha_read(THD *thd, TABLE_LIST *tables, goto err; } key_copy(key, table, keyno, key_len); + table->file->ha_index_or_rnd_end(); + table->file->ha_index_init(keyno); err=table->file->index_read(table->record[0], key,key_len,ha_rkey_mode); mode=rkey_to_rnext[(int)ha_rkey_mode]; From 777899a6f568105ab6242516300acd937a9785ec Mon Sep 17 00:00:00 2001 From: unknown Date: Tue, 7 Jun 2005 15:45:03 -0500 Subject: [PATCH 06/11] improved mapping from numerical open codes to string fopen codes. This was necessary because the old code would return "w+" for O_RDONLY|O_SHARE for example. mysys/my_fopen.c: improved mapping from numerical open codes to string fopen codes. --- mysys/my_fopen.c | 62 ++++++++++++++++++++++++++++++++---------------- 1 file changed, 41 insertions(+), 21 deletions(-) diff --git a/mysys/my_fopen.c b/mysys/my_fopen.c index 3c6f1b15384..9dbac65b098 100644 --- a/mysys/my_fopen.c +++ b/mysys/my_fopen.c @@ -158,32 +158,52 @@ FILE *my_fdopen(File Filedes, const char *name, int Flags, myf MyFlags) DBUG_RETURN(fd); } /* my_fdopen */ +/* + make_ftype + Make a filehandler-open-typestring from ordinary inputflags - /* Make a filehandler-open-typestring from ordinary inputflags */ - + Note: This routine attempts to find the best possible match + between a numeric option and a string option that could be + fed to fopen. There is not a 1 to 1 mapping between the two. + + r == O_RDONLY + w == O_WRONLY|O_TRUNC|O_CREAT + a == O_WRONLY|O_APPEND|O_CREAT + r+ == O_RDWR + w+ == O_RDWR|O_TRUNC|O_CREAT + a+ == O_RDWR|O_APPEND|O_CREAT +*/ static void make_ftype(register my_string to, register int flag) { -#if FILE_BINARY /* If we have binary-files */ +#if FILE_BINARY + /* If we have binary-files */ reg3 int org_flag=flag; -#endif - flag&= ~FILE_BINARY; /* remove binary bit */ - if (flag == O_RDONLY) - *to++= 'r'; - else if (flag == O_WRONLY) - *to++= 'w'; - else - { /* Add '+' after theese */ - if (flag == O_RDWR) +#endif + flag&= ~FILE_BINARY; /* remove binary bit */ + + /* check some possible invalid combinations */ + DBUG_ASSERT(flag & (O_TRUNC|O_APPEND) != O_TRUNC|O_APPEND); + + if (flag & (O_RDONLY|O_WRONLY) == O_WRONLY) + *to++= (flag & O_TRUNC) ? 'w' : 'a'; + else if (flag & O_RDWR) + { + /* Add '+' after theese */ + if (flag & O_TRUNC) + *to++= 'w'; + else if (flag & O_APPEND) + *to++= 'a'; + else *to++= 'r'; - else if (flag & O_APPEND) - *to++= 'a'; - else - *to++= 'w'; /* Create file */ - *to++= '+'; - } -#if FILE_BINARY /* If we have binary-files */ - if (org_flag & FILE_BINARY) + *to++= '+'; + } + else + *to++= 'r'; + +#if FILE_BINARY /* If we have binary-files */ + if (org_flag & FILE_BINARY) *to++='b'; -#endif +#endif *to='\0'; } /* make_ftype */ + From af0287be3c97eb1a4e42c6dd1b32e47b918139ce Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 9 Jun 2005 08:07:48 +0200 Subject: [PATCH 07/11] ndb - autotest small script fixes - Don't use hostname -s as it's linux specific - Don't remove result unless scp worked ndb/test/run-test/ndb-autotest.sh: Don't use hostname -s as it's linux specific Don't remove result unless scp worked --- ndb/test/run-test/ndb-autotest.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/ndb/test/run-test/ndb-autotest.sh b/ndb/test/run-test/ndb-autotest.sh index 3ba4d1928d5..09087a8a8c7 100755 --- a/ndb/test/run-test/ndb-autotest.sh +++ b/ndb/test/run-test/ndb-autotest.sh @@ -13,7 +13,7 @@ save_args=$* VERSION="ndb-autotest.sh version 1.04" DATE=`date '+%Y-%m-%d'` -HOST=`hostname -s` +HOST=`hostname` export DATE HOST set -e @@ -330,7 +330,10 @@ start(){ tar cfz /tmp/res.$2.$$.tgz `basename $p2`/$DATE scp /tmp/res.$2.$$.tgz \ $result_host:$result_path/res.$DATE.$HOST.$2.$$.tgz - rm -f /tmp/res.$2.$$.tgz + if [ $? -eq 0 ] + then + rm -f /tmp/res.$2.$$.tgz + fi fi } From 897b3c50e8cd5d80e61b8ae8276604a7e3d76ba5 Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 9 Jun 2005 13:13:02 +0500 Subject: [PATCH 08/11] a fix (bug #11193: error messages gets garbled after reggies latest changeset: ChangeSet@1.2260.1.). --- mysys/my_fopen.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysys/my_fopen.c b/mysys/my_fopen.c index 9dbac65b098..002e5ca0f06 100644 --- a/mysys/my_fopen.c +++ b/mysys/my_fopen.c @@ -185,11 +185,11 @@ static void make_ftype(register my_string to, register int flag) DBUG_ASSERT(flag & (O_TRUNC|O_APPEND) != O_TRUNC|O_APPEND); if (flag & (O_RDONLY|O_WRONLY) == O_WRONLY) - *to++= (flag & O_TRUNC) ? 'w' : 'a'; + *to++= (flag & O_APPEND) ? 'a' : 'w'; else if (flag & O_RDWR) { /* Add '+' after theese */ - if (flag & O_TRUNC) + if (flag & (O_TRUNC | O_CREAT)) *to++= 'w'; else if (flag & O_APPEND) *to++= 'a'; From f160958770ce85fe0d26f3b816d059caaf2fd67d Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 9 Jun 2005 14:39:29 +0500 Subject: [PATCH 09/11] Fix for bug#10732: Set SQL_MODE to NULL gives garbled error message generate proper error message if we use SET ... = NULL for 'set' variables --- mysql-test/r/sql_mode.result | 2 ++ mysql-test/t/sql_mode.test | 5 +++++ sql/set_var.cc | 3 +++ 3 files changed, 10 insertions(+) diff --git a/mysql-test/r/sql_mode.result b/mysql-test/r/sql_mode.result index c18be2df403..652913d1fdb 100644 --- a/mysql-test/r/sql_mode.result +++ b/mysql-test/r/sql_mode.result @@ -138,3 +138,5 @@ t1 CREATE TABLE `t1` ( `min_num` decimal(7,6) default '0.000001' ) ENGINE=MyISAM DEFAULT CHARSET=latin1 drop table t1 ; +set @@SQL_MODE=NULL; +ERROR 42000: Variable 'sql_mode' can't be set to the value of 'NULL' diff --git a/mysql-test/t/sql_mode.test b/mysql-test/t/sql_mode.test index f841d36e837..985c0853bd2 100644 --- a/mysql-test/t/sql_mode.test +++ b/mysql-test/t/sql_mode.test @@ -80,3 +80,8 @@ create table t1 ( min_num dec(6,6) default .000001); show create table t1; drop table t1 ; +# +# Bug #10732: Set SQL_MODE to NULL gives garbled error message +# +--error 1231 +set @@SQL_MODE=NULL; diff --git a/sql/set_var.cc b/sql/set_var.cc index 0fa9932dbbc..0f13a8a7f2d 100644 --- a/sql/set_var.cc +++ b/sql/set_var.cc @@ -1515,7 +1515,10 @@ bool sys_var::check_set(THD *thd, set_var *var, TYPELIB *enum_names) if (var->value->result_type() == STRING_RESULT) { if (!(res= var->value->val_str(&str))) + { + strmake(buff, "NULL", 4); goto err; + } var->save_result.ulong_value= ((ulong) find_set(enum_names, res->c_ptr(), res->length(), From 0e54a4e84f11d13421e85b93d1fac51c31f92bf0 Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 9 Jun 2005 12:26:45 +0200 Subject: [PATCH 10/11] update result file for ps7_ndb mysql-test/r/ps_7ndb.result: fix result file --- mysql-test/r/ps_7ndb.result | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mysql-test/r/ps_7ndb.result b/mysql-test/r/ps_7ndb.result index e7a4ff40e2b..f5750d947b5 100644 --- a/mysql-test/r/ps_7ndb.result +++ b/mysql-test/r/ps_7ndb.result @@ -1151,13 +1151,13 @@ execute stmt1; Catalog Database Table Table_alias Column Column_alias Type Length Max length Is_null Flags Decimals Charsetnr def id 8 3 1 N 32929 0 63 def select_type 253 19 6 N 1 31 8 -def table 253 64 2 N 1 31 8 -def type 253 10 3 N 1 31 8 +def table 253 64 2 Y 0 31 8 +def type 253 10 3 Y 0 31 8 def possible_keys 253 4096 0 Y 0 31 8 def key 253 64 0 Y 0 31 8 def key_len 8 3 0 Y 32928 0 63 def ref 253 1024 0 Y 0 31 8 -def rows 8 10 1 N 32929 0 63 +def rows 8 10 1 Y 32928 0 63 def Extra 253 255 0 N 1 31 8 id select_type table type possible_keys key key_len ref rows Extra 1 SIMPLE t9 ALL NULL NULL NULL NULL 2 From c995109b699a56e94bbc82754b17622f271ebb39 Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 9 Jun 2005 16:06:15 +0100 Subject: [PATCH 11/11] Bug#11028 Crash on create table like Report error instead of crashing mysql-test/r/create.result: Test for bug 11028 mysql-test/t/create.test: Test for bug 11028 sql/sql_table.cc: fix for null db name --- mysql-test/r/create.result | 6 ++++++ mysql-test/t/create.test | 11 +++++++++++ sql/sql_table.cc | 15 ++++++++++----- 3 files changed, 27 insertions(+), 5 deletions(-) diff --git a/mysql-test/r/create.result b/mysql-test/r/create.result index de3840447dc..4c4b388388a 100644 --- a/mysql-test/r/create.result +++ b/mysql-test/r/create.result @@ -580,3 +580,9 @@ ERROR 42000: Incorrect database name 'xyz' create table t1(t1.name int); create table t2(test.t2.name int); drop table t1,t2; +create database mysqltest; +use mysqltest; +drop database mysqltest; +create table test.t1 like x; +ERROR 42000: Incorrect database name 'NULL' +drop table if exists test.t1; diff --git a/mysql-test/t/create.test b/mysql-test/t/create.test index b73cd28c71c..ca3446b46fc 100644 --- a/mysql-test/t/create.test +++ b/mysql-test/t/create.test @@ -492,3 +492,14 @@ create table t1(t1.name int); create table t2(test.t2.name int); drop table t1,t2; +# +# Bug#11028: Crash on create table like +# +create database mysqltest; +use mysqltest; +drop database mysqltest; +--error 1102 +create table test.t1 like x; +--disable_warnings +drop table if exists test.t1; +--enable_warnings diff --git a/sql/sql_table.cc b/sql/sql_table.cc index 3aa6da7ad0c..e2e6ee23323 100644 --- a/sql/sql_table.cc +++ b/sql/sql_table.cc @@ -2298,26 +2298,31 @@ int mysql_create_like_table(THD* thd, TABLE_LIST* table, char src_path[FN_REFLEN], dst_path[FN_REFLEN]; char *db= table->db; char *table_name= table->real_name; - char *src_db= thd->db; + char *src_db; char *src_table= table_ident->table.str; int err, res= -1; TABLE_LIST src_tables_list; DBUG_ENTER("mysql_create_like_table"); + src_db= table_ident->db.str ? table_ident->db.str : thd->db; /* Validate the source table */ if (table_ident->table.length > NAME_LEN || (table_ident->table.length && - check_table_name(src_table,table_ident->table.length)) || - table_ident->db.str && check_db_name((src_db= table_ident->db.str))) + check_table_name(src_table,table_ident->table.length))) { my_error(ER_WRONG_TABLE_NAME, MYF(0), src_table); DBUG_RETURN(-1); } + if (!src_db || check_db_name(src_db)) + { + my_error(ER_WRONG_DB_NAME, MYF(0), src_db ? src_db : "NULL"); + DBUG_RETURN(-1); + } - src_tables_list.db= table_ident->db.str ? table_ident->db.str : thd->db; - src_tables_list.real_name= table_ident->table.str; + src_tables_list.db= src_db; + src_tables_list.real_name= src_table; src_tables_list.next= 0; if (lock_and_wait_for_table_name(thd, &src_tables_list))