mirror of
https://github.com/MariaDB/server.git
synced 2026-05-03 13:45:34 +02:00
Fixed unlikely stack bug when having a BIG expression of type 1+1-1+1-1... in certain combinations. Bug #871
This commit is contained in:
monty@narttu.mysql.fi
parent
fe9dc5e711
commit
381202354b
3 changed files with 80 additions and 26 deletions
|
|
@ -177,7 +177,7 @@ compute=no # Compute
|
|||
###> execute error:You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'compute sum(a) by a' at line 1
|
||||
###
|
||||
###As far as some queries didnt return OK, result is NO
|
||||
connections=99 # Simultaneous connections (installation default)
|
||||
connections=101 # Simultaneous connections (installation default)
|
||||
constraint_check=syntax only # Column constraints
|
||||
###< create table crash_q (a int check (a>0))
|
||||
###> OK
|
||||
|
|
@ -345,7 +345,7 @@ date_format_inresult=iso # Date format in result
|
|||
###> OK
|
||||
###
|
||||
###< select a from crash_me_d
|
||||
###> 2003-03-26
|
||||
###> 2003-08-27
|
||||
###< delete from crash_me_d
|
||||
###> OK
|
||||
date_infinity=error # Supports 'infinity dates
|
||||
|
|
@ -695,7 +695,7 @@ func_extra_elt=yes # Function ELT
|
|||
func_extra_encrypt=yes # Function ENCRYPT
|
||||
###
|
||||
###<select encrypt('hello')
|
||||
###>tJNum3fO44bOE
|
||||
###>tHrzZO8Aq1FG6
|
||||
func_extra_expand2arg=no # Function EXPAND
|
||||
###
|
||||
###<select expand('abcd',6)
|
||||
|
|
@ -991,7 +991,7 @@ func_extra_subtime=no # Function SUBTIME
|
|||
func_extra_sysdate=yes # Function SYSDATE
|
||||
###
|
||||
###<select sysdate()
|
||||
###>2003-03-26 13:44:57
|
||||
###>2003-08-27 19:55:21
|
||||
func_extra_tail=no # Function TAIL
|
||||
###
|
||||
###<select tail('ABCDEFG',3)
|
||||
|
|
@ -1056,7 +1056,7 @@ func_extra_uid=no # Function UID
|
|||
func_extra_unix_timestamp=yes # Function UNIX_TIMESTAMP
|
||||
###
|
||||
###<select unix_timestamp()
|
||||
###>1048679097
|
||||
###>1062003321
|
||||
func_extra_userenv=no # Function USERENV
|
||||
###
|
||||
###<select userenv
|
||||
|
|
@ -1068,7 +1068,7 @@ func_extra_value=no # Function VALUE
|
|||
func_extra_version=yes # Function VERSION
|
||||
###
|
||||
###<select version()
|
||||
###>4.0.12-debug
|
||||
###>4.0.15-debug-log
|
||||
func_extra_weekday=yes # Function WEEKDAY
|
||||
###
|
||||
###<select weekday('1997-11-29') from crash_me_d
|
||||
|
|
@ -1136,11 +1136,11 @@ func_odbc_cot=yes # Function COT
|
|||
func_odbc_curdate=yes # Function CURDATE
|
||||
###
|
||||
###<select curdate()
|
||||
###>2003-03-26
|
||||
###>2003-08-27
|
||||
func_odbc_curtime=yes # Function CURTIME
|
||||
###
|
||||
###<select curtime()
|
||||
###>13:44:57
|
||||
###>19:55:21
|
||||
func_odbc_database=yes # Function DATABASE
|
||||
###
|
||||
###<select database()
|
||||
|
|
@ -1269,7 +1269,7 @@ func_odbc_monthname=yes # Function MONTHNAME
|
|||
func_odbc_now=yes # Function NOW
|
||||
###
|
||||
###<select now()
|
||||
###>2003-03-26 13:44:57
|
||||
###>2003-08-27 19:55:21
|
||||
func_odbc_pi=yes # Function PI
|
||||
###
|
||||
###<select pi()
|
||||
|
|
@ -1416,15 +1416,15 @@ func_sql_concat_as_||=error # Function concatenation with ||
|
|||
func_sql_current_date=yes # Function CURRENT_DATE
|
||||
###
|
||||
###<select current_date
|
||||
###>2003-03-26
|
||||
###>2003-08-27
|
||||
func_sql_current_time=yes # Function CURRENT_TIME
|
||||
###
|
||||
###<select current_time
|
||||
###>13:44:57
|
||||
###>19:55:21
|
||||
func_sql_current_timestamp=yes # Function CURRENT_TIMESTAMP
|
||||
###
|
||||
###<select current_timestamp
|
||||
###>2003-03-26 13:44:57
|
||||
###>2003-08-27 19:55:21
|
||||
func_sql_current_user=with_parenthesis # CURRENT_USER
|
||||
###< select CURRENT_USER
|
||||
###> execute error:Unknown column 'CURRENT_USER' in 'field list'
|
||||
|
|
@ -1438,11 +1438,11 @@ func_sql_extract_sql=yes # Function EXTRACT
|
|||
func_sql_localtime=yes # Function LOCALTIME
|
||||
###
|
||||
###<select localtime
|
||||
###>2003-03-26 13:44:57
|
||||
###>2003-08-27 19:55:21
|
||||
func_sql_localtimestamp=yes # Function LOCALTIMESTAMP
|
||||
###
|
||||
###<select localtimestamp
|
||||
###>2003-03-26 13:44:57
|
||||
###>2003-08-27 19:55:21
|
||||
func_sql_lower=yes # Function LOWER
|
||||
###
|
||||
###<select LOWER('ABC')
|
||||
|
|
@ -1846,6 +1846,16 @@ left_outer_join_using=yes # left outer join using
|
|||
###> OK
|
||||
###
|
||||
###As far as all queries returned OK, result is YES
|
||||
length_of_varchar_field=actual length # CHARACTER_LENGTH(varchar_field)
|
||||
###< CREATE TABLE crash_me1 (S1 VARCHAR(100))
|
||||
###> OK
|
||||
###< INSERT INTO crash_me1 VALUES ('X')
|
||||
###> OK
|
||||
###
|
||||
###< SELECT CHARACTER_LENGTH(S1) FROM crash_me1
|
||||
### > 1
|
||||
###< drop table crash_me1
|
||||
###> OK
|
||||
like_with_column=yes # column LIKE column
|
||||
###< create table crash_q (a char(10),b char(10))
|
||||
###> OK
|
||||
|
|
@ -1880,7 +1890,7 @@ logical_value=1 # Value of logical operation (1=1)
|
|||
###>1
|
||||
max_big_expressions=10 # big expressions
|
||||
###We are trying (example with N=5):
|
||||
###select 0+(1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+...(16398)
|
||||
###select 0+(1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+...(14308)
|
||||
### 50:FAIL 10:OK 30:FAIL 14:FAIL 11:FAIL
|
||||
max_char_size=255 # max char() size
|
||||
###We are trying (example with N=5):
|
||||
|
|
@ -1902,10 +1912,10 @@ max_conditions=85660 # OR and AND in WHERE
|
|||
###We are trying (example with N=5):
|
||||
###select a from crash_me where a=1 and b='a' or a=0 and b='0' or a=1 and b='1' or a=2 and b='2' or a=3 and b='3' or a=4 and b='4'
|
||||
### 27592:OK 41389:OK 48287:FAIL 42769:OK 45528:FAIL 43321:FAIL 42880:FAIL 42791:OK 42835:FAIL 42800:OK 42817:OK 42826:OK 42830:OK 42832:FAIL 42831:FAIL
|
||||
max_expressions=1659 # simple expressions
|
||||
max_expressions=1450 # simple expressions
|
||||
###We are trying (example with N=5):
|
||||
###select 1+1+1+1+1+1
|
||||
### 5000:FAIL 1000:OK 3000:FAIL 1400:OK 2200:FAIL 1560:OK 1880:FAIL 1624:OK 1752:FAIL 1650:OK 1701:FAIL 1660:FAIL 1652:OK 1656:OK 1658:OK 1659:OK
|
||||
### 5000:FAIL 1000:OK 3000:FAIL 1400:OK 2200:FAIL 1560:FAIL 1432:OK 1496:FAIL 1445:OK 1470:FAIL 1450:OK 1460:FAIL 1452:FAIL 1451:FAIL
|
||||
max_index=32 # max index
|
||||
### max_unique_index=32 ,so max_index must be same
|
||||
max_index_length=500 # index length
|
||||
|
|
@ -1946,10 +1956,10 @@ max_row_length_with_null=65502 # table row length with nulls (without blobs)
|
|||
max_select_alias_name=+512 # select alias name length
|
||||
###We are trying (example with N=5):
|
||||
###select b as aaaaa from crash_me
|
||||
max_stack_expression=1659 # stacked expressions
|
||||
max_stack_expression=1450 # stacked expressions
|
||||
###We are trying (example with N=5):
|
||||
###select 1+(1+(1+(1+(1+(1)))))
|
||||
### 1000:OK 1500:OK 1750:FAIL 1550:OK 1650:OK 1700:FAIL 1660:FAIL 1652:OK 1656:OK 1658:OK 1659:OK
|
||||
### 1000:OK 1500:FAIL 1100:OK 1300:OK 1400:OK 1450:OK 1475:FAIL 1455:FAIL 1451:FAIL
|
||||
max_table_alias_name=+512 # table alias name length
|
||||
###We are trying (example with N=5):
|
||||
###select aaaaa.b from crash_me aaaaa
|
||||
|
|
@ -2119,7 +2129,7 @@ odbc_left_outer_join=yes # left outer join odbc style
|
|||
###> OK
|
||||
###
|
||||
###As far as all queries returned OK, result is YES
|
||||
operating_system=Linux 2.4.18-my-4GB i686 # crash-me tested on
|
||||
operating_system=Linux 2.4.20-64GB-SMP i686 # crash-me tested on
|
||||
order_by=yes # Order by
|
||||
###< select a from crash_me order by a
|
||||
###> OK
|
||||
|
|
@ -3696,7 +3706,7 @@ reserved_word_ansi-92/99_section=no # Keyword SECTION
|
|||
###As far as all queries returned OK, result is NO
|
||||
reserved_word_ansi-92/99_select=yes # Keyword SELECT
|
||||
###< create table crash_me10 (SELECT int not null)
|
||||
###> execute error:You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'SELECT int not null)' at line 1
|
||||
###> execute error:You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'int not null)' at line 1
|
||||
###< drop table crash_me10
|
||||
###> execute error:Unknown table 'crash_me10'
|
||||
###
|
||||
|
|
@ -6043,12 +6053,56 @@ select_without_from=yes # SELECT without FROM
|
|||
###> OK
|
||||
###
|
||||
###As far as all queries returned OK, result is YES
|
||||
server_version=MySQL 4.0.12 debug/ # server version
|
||||
server_version=MySQL 4.0.15 debug log/ # server version
|
||||
simple_joins=yes # ANSI SQL simple joins
|
||||
###< select crash_me.a from crash_me, crash_me t0
|
||||
###> OK
|
||||
###
|
||||
###As far as all queries returned OK, result is YES
|
||||
sorted_group_by=yes # Group by always sorted
|
||||
###< create table crash_me_t1 (a int not null, b int not null)
|
||||
###> OK
|
||||
###< insert into crash_me_t1 values (1,1)
|
||||
###> OK
|
||||
###< insert into crash_me_t1 values (1,2)
|
||||
###> OK
|
||||
###< insert into crash_me_t1 values (3,1)
|
||||
###> OK
|
||||
###< insert into crash_me_t1 values (3,2)
|
||||
###> OK
|
||||
###< insert into crash_me_t1 values (2,2)
|
||||
###> OK
|
||||
###< insert into crash_me_t1 values (2,1)
|
||||
###> OK
|
||||
###< create table crash_me_t2 (a int not null, b int not null)
|
||||
###> OK
|
||||
###< create index crash_me_t2_ind on crash_me_t2 (a)
|
||||
###> OK
|
||||
###< insert into crash_me_t2 values (1,3)
|
||||
###> OK
|
||||
###< insert into crash_me_t2 values (3,1)
|
||||
###> OK
|
||||
###< insert into crash_me_t2 values (2,2)
|
||||
###> OK
|
||||
###< insert into crash_me_t2 values (1,1)
|
||||
###> OK
|
||||
###
|
||||
###< select crash_me_t1.a,crash_me_t2.b from crash_me_t1,crash_me_t2 where crash_me_t1.a=crash_me_t2.a group by crash_me_t1.a,crash_me_t2.b
|
||||
### > 1,1
|
||||
### > 1,3
|
||||
### > 2,2
|
||||
### > 3,1
|
||||
###
|
||||
### Check recordset:
|
||||
### 1,1 expected: 1,1
|
||||
### 1,3 expected: 1,3
|
||||
### 2,2 expected: 2,2
|
||||
### 3,1 expected: 3,1
|
||||
### Recordset corresponds with template
|
||||
###< drop table crash_me_t1
|
||||
###> OK
|
||||
###< drop table crash_me_t2
|
||||
###> OK
|
||||
storage_of_float=round # Storage of float values
|
||||
###< create table crash_q (q1 float(4,1))
|
||||
###> OK
|
||||
|
|
@ -6166,7 +6220,7 @@ time_format_inresult=iso # Time format in result
|
|||
###> OK
|
||||
###
|
||||
###< select a from crash_me_t
|
||||
###> 13:44:57
|
||||
###> 19:55:21
|
||||
###< delete from crash_me_t
|
||||
###> OK
|
||||
transactions=yes # transactions
|
||||
|
|
|
|||
|
|
@ -1190,7 +1190,7 @@ Item_cond::fix_fields(THD *thd,TABLE_LIST *tables)
|
|||
and_tables_cache= ~(table_map) 0;
|
||||
|
||||
if (thd && check_stack_overrun(thd,buff))
|
||||
return 0; // Fatal error flag is set!
|
||||
return 1; // Fatal error flag is set!
|
||||
while ((item=li++))
|
||||
{
|
||||
table_map tmp_table_map;
|
||||
|
|
|
|||
|
|
@ -68,7 +68,7 @@ Item_func::fix_fields(THD *thd,TABLE_LIST *tables)
|
|||
const_item_cache=1;
|
||||
|
||||
if (thd && check_stack_overrun(thd,buff))
|
||||
return 0; // Fatal error if flag is set!
|
||||
return 1; // Fatal error if flag is set!
|
||||
if (arg_count)
|
||||
{ // Print purify happy
|
||||
for (arg=args, arg_end=args+arg_count; arg != arg_end ; arg++)
|
||||
|
|
@ -1170,7 +1170,7 @@ udf_handler::fix_fields(THD *thd,TABLE_LIST *tables,Item_result_field *func,
|
|||
if (thd)
|
||||
{
|
||||
if (check_stack_overrun(thd,buff))
|
||||
return 0; // Fatal error flag is set!
|
||||
DBUG_RETURN(1); // Fatal error flag is set!
|
||||
}
|
||||
else
|
||||
thd=current_thd; // In WHERE / const clause
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue