SP with local variables with non-ASCII names crashed the server.

The server replaces SP local variable names with NAME_CONST calls
when putting statements into the binary log. It used UTF8-encoded
item names as variable names for the replacement inside NAME_CONST
calls. However, the statement string may be encoded in any
known character set by the SET NAMES statement.
The server used the byte length of UTF8-encoded names to increment
the position in the query string, which led to an array index overrun.


sql/item.cc:
  Fixed bug #30120.
  The Item_splocal class constructor has been modified to
  accept a new parameter `len_in_q': the byte length of
  the variable name in the query string.
sql/item.h:
  Fixed bug #30120.
  The Item_splocal class has been modified to keep a new
  field `len_in_query': the byte length of the variable name in
  the query string.
sql/sp_head.cc:
  Fixed bug #30120.
  The subst_spvars function has been modified to increment
  the position in the query string by the lengths of the
  non-encoded variable names instead of the byte length of
  the names encoded to UTF-8.
sql/sql_yacc.yy:
  Fixed bug #30120.
  The simple_ident rule action has been modified to
  pass the byte length of the local variable name token
  to the Item_splocal object constructor.
mysql-test/t/sp.test:
  Updated test case for bug #30120.
mysql-test/r/sp.result:
  Updated test case for bug #30120.
unknown 2007-07-30 04:35:16 +05:00
commit 33fc4ad4e1
6 changed files with 47 additions and 5 deletions
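
The length mismatch described in the commit message, as an added example that is not part of the commit or the MySQL source: a simplified C model of the substitution, where `var_ref`, `subst_vars` and `demo` are hypothetical names and the substituted value is fixed to NULL. It rejects the rewrite when the chosen name length would move the read cursor past the end of the query.

```c
#include <stdio.h>
#include <string.h>

/* One SP variable reference, as a simplified model of what the parser records. */
struct var_ref {
    size_t pos;          /* byte offset of the name in the query string */
    size_t len_in_query; /* byte length of the name as written in the query */
    const char *utf8;    /* the same name converted to UTF-8 */
};

/* Copy `query` to `out`, replacing each reference with NAME_CONST('<utf8>',NULL).
   use_query_len picks the length that advances the read cursor.
   Returns 0 on success, -1 if a name would end past the query buffer. */
int subst_vars(const char *query, size_t qlen, const struct var_ref *v, size_t n,
               int use_query_len, char *out, size_t outsz)
{
    size_t cur = 0, o = 0;
    int w;
    for (size_t i = 0; i < n; i++) {
        size_t skip = use_query_len ? v[i].len_in_query : strlen(v[i].utf8);
        if (v[i].pos < cur || v[i].pos > qlen || skip > qlen - v[i].pos)
            return -1;                       /* cursor would overrun the query */
        w = snprintf(out + o, outsz - o, "%.*sNAME_CONST('%s',NULL)",
                     (int)(v[i].pos - cur), query + cur, v[i].utf8);
        if (w < 0 || (size_t)w >= outsz - o) return -1;
        o += (size_t)w;
        cur = v[i].pos + skip;
    }
    w = snprintf(out + o, outsz - o, "%.*s", (int)(qlen - cur), query + cur);
    return (w < 0 || (size_t)w >= outsz - o) ? -1 : 0;
}

/* Constructed input: "SELECT áâä" as sent after SET NAMES latin1 (3-byte name). */
int demo(int use_query_len, char *out, size_t outsz)
{
    const char query[] = "SELECT \xE1\xE2\xE4";
    struct var_ref v = { 7, 3, "\xC3\xA1\xC3\xA2\xC3\xA4" };  /* 6 bytes in UTF-8 */
    return subst_vars(query, sizeof query - 1, &v, 1, use_query_len, out, outsz);
}

int main(void)
{
    char out[128];
    printf("UTF-8 length: %d\n", demo(0, out, sizeof out));
    printf("query length: %d -> %s\n", demo(1, out, sizeof out), out);
    return 0;
}
```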

@ -6303,4 +6303,15 @@ DROP VIEW v1;
DROP FUNCTION f1;
DROP FUNCTION f2;
DROP TABLE t1;
SET NAMES latin1;
CREATE PROCEDURE p1()
BEGIN
DECLARE áâä INT;
SELECT áâä;
END|
CALL p1();
áâä
NULL
SET NAMES default;
DROP PROCEDURE p1;
End of 5.0 tests
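
Review bot: The expected output for `CALL p1();` records only the column header áâä and a NULL row, because the variable is declared without a DEFAULT and never assigned, so the result cannot distinguish a correctly resolved variable from one that was never read. Declaring it with a value, for example `DECLARE áâä INT DEFAULT 1;`, and re-recording the result would make the expected row meaningful.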

@ -7278,4 +7278,25 @@ DROP FUNCTION f1;
DROP FUNCTION f2;
DROP TABLE t1;
#
# Bug #30120 SP with local variables with non-ASCII names crashes server.
#
SET NAMES latin1;
DELIMITER |;
CREATE PROCEDURE p1()
BEGIN
DECLARE áâä INT;
SELECT áâä;
END|
DELIMITER ;|
CALL p1();
SET NAMES default;
DROP PROCEDURE p1;
--echo End of 5.0 tests
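
Review bot: The procedure body references the variable only once, as the last token of `SELECT áâä;`, and only under latin1, so a wrong cursor advance after the substitution has no following text or second variable to corrupt, and the test never inspects the rewritten statement that the commit message says goes to the binary log. Consider a statement that uses two non-ASCII variables (or the same one twice) with more text after them, so the offset arithmetic between substitutions is exercised. A `DROP PROCEDURE IF EXISTS p1` before the CREATE would also keep a leftover p1 from an earlier failed run from breaking this case.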