MDEV-31032: UBSAN|downcast of address X which does not point to an

object of type 'Item_string' in sql/json_schema.cc

Analysis: make_string_literal() returns pointer of type
Item_basic_constant which is converted to pointer of type Item_string. Now,
Item_string is base class of Item_basic_constant, so the error about
downcasting.
Fix: using constructor of Item_string type directly instead of
downcasting would be more appropriate.
Rucha Deodhar 2023-04-17 17:51:34 +05:30
parent 4b67ff3b25
commit 7321c71aa1
5 changed files with 45 additions and 29 deletions


@ -4649,4 +4649,23 @@ JSON_SCHEMA_VALID(@schema, '9007900000000060')
SELECT JSON_SCHEMA_VALID(@schema, '9007900000000061');
JSON_SCHEMA_VALID(@schema, '9007900000000061')
0
#
# MDEV-31032: UBSAN|downcast of address X which does not point to an object of type
# Item_string' in sql/json_schema.cc
#
SET @old_sql_mode= @@sql_mode;
SET @schema='{ "type":"object","patternProperties": { "^I_": {"type":"number"},"^S_" : {"type":"string"} } }';
SET SESSION sql_mode='empty_string_is_null';
SELECT JSON_SCHEMA_VALID (@schema,'{"key1":"val0","key2":0,"I_int":0,"S_":"abc","prop0":"str0"}');
JSON_SCHEMA_VALID (@schema,'{"key1":"val0","key2":0,"I_int":0,"S_":"abc","prop0":"str0"}')
1
SET @@sql_mode= @old_sql_mode;
SET @property_names='{ "PropertyNames":{ "pattern": "^I_" } }';
SET GLOBAL sql_mode=17179869183;
SET @@sql_mode=DEFAULT;
SELECT JSON_SCHEMA_VALID(@property_names, '{"I_int1":3, "I_ob1":{"key1":"val1"}}');
JSON_SCHEMA_VALID(@property_names, '{"I_int1":3, "I_ob1":{"key1":"val1"}}')
1
SET @@sql_mode= @old_sql_mode;
set global sql_mode=default;
# End of 11.1 test


@ -3543,5 +3543,25 @@ SELECT JSON_SCHEMA_VALID(@schema, '9007900000000001');
SELECT JSON_SCHEMA_VALID(@schema, '9007900000000060');
SELECT JSON_SCHEMA_VALID(@schema, '9007900000000061');
--echo #
--echo # MDEV-31032: UBSAN|downcast of address X which does not point to an object of type
--echo # Item_string' in sql/json_schema.cc
--echo #
SET @old_sql_mode= @@sql_mode;
SET @schema='{ "type":"object","patternProperties": { "^I_": {"type":"number"},"^S_" : {"type":"string"} } }';
SET SESSION sql_mode='empty_string_is_null';
SELECT JSON_SCHEMA_VALID (@schema,'{"key1":"val0","key2":0,"I_int":0,"S_":"abc","prop0":"str0"}');
SET @@sql_mode= @old_sql_mode;
SET @property_names='{ "PropertyNames":{ "pattern": "^I_" } }';
SET GLOBAL sql_mode=17179869183;
SET @@sql_mode=DEFAULT;
SELECT JSON_SCHEMA_VALID(@property_names, '{"I_int1":3, "I_ob1":{"key1":"val1"}}');
SET @@sql_mode= @old_sql_mode;
set global sql_mode=default;
--echo # End of 11.1 test
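Review bot: The second case changes the global `sql_mode` and undoes it with `set global sql_mode=default;`, which resets to the built-in default rather than to the value the server had when the test started. If the suite runs with a non-default global mode, that leaves changed state behind for later tests. Saving the value first with `SET @old_global_sql_mode= @@global.sql_mode;` and restoring with `SET GLOBAL sql_mode= @old_global_sql_mode;` avoids this. A short `--echo #` comment saying why the literal 17179869183 is used would also help the next reader understand what the regression depends on.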


@ -416,7 +416,7 @@ bool Json_schema_const::validate(const json_engine_t *je,
json_engine_t temp_je= *je;
json_engine_t temp_je_2;
String a_res("", 0, curr_je.s.cs);
int err;
int err= 0;
if (type != curr_je.value_type)
return true;
@ -774,20 +774,8 @@ bool Json_schema_multiple_of::validate(const json_engine_t *je,
if (je->num_flags & JSON_NUM_FRAC_PART)
return true;
<<<<<<< HEAD
double val= je->s.cs->strntod((char *) je->value,
je->value_len, &end, &err);
double temp= val / multiple_of;
bool res= (temp - (long long int)temp) == 0;
||||||| parent of 628ce9d4f44... MDEV-30705: JSON_SCHEMA_VALID: schema with multipleOf for big value
double val= je->s.cs->strntod((char *) je->value,
je->value_len, &end, &err);
double temp= val / this->value;
bool res= (temp - (long long int)temp) == 0;
=======
longlong val= je->s.cs->strntoll((char *) je->value,
je->value_len, 10, &end, &err);
>>>>>>> 628ce9d4f44... MDEV-30705: JSON_SCHEMA_VALID: schema with multipleOf for big value
return val % multiple_of;
}
@ -881,17 +869,9 @@ bool Json_schema_min_len::handle_keyword(THD *thd, json_engine_t *je,
if (val < 0)
{
my_error(ER_JSON_INVALID_VALUE_FOR_KEYWORD, MYF(0), "minLength");
<<<<<<< HEAD
return true;
}
value= val;
||||||| parent of 203f63d7bf1... MDEV-30704: JSON_SCHEMA_VALID: multipleOf must be greater than zero
value= val;
=======
return true;
}
value= (int)val;
>>>>>>> 203f63d7bf1... MDEV-30704: JSON_SCHEMA_VALID: multipleOf must be greater than zero
return false;
}
@ -949,8 +929,7 @@ bool Json_schema_pattern::handle_keyword(THD *thd, json_engine_t *je,
my_repertoire_t repertoire= my_charset_repertoire(je->s.cs);
pattern= thd->make_string_literal((const char*)je->value,
je->value_len, repertoire);
str= (Item_string*)current_thd->make_string_literal((const char*)"",
0, repertoire);
str= new (thd->mem_root) Item_string(thd, "", (uint) 0, je->s.cs);
re.init(je->s.cs, 0);
re.unset_flag(PCRE2_CASELESS);
@ -2272,9 +2251,7 @@ bool Json_schema_pattern_properties::handle_keyword(THD *thd,
return true;
}
str= (Item_string*)thd->make_string_literal((const char*)"",
0,
my_charset_repertoire(je->s.cs));
str= new (thd->mem_root) Item_string(thd, "", (uint) 0, je->s.cs);
int level= je->stack_p;
while (json_scan_next(je)==0 && level <= je->stack_p)
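Review bot: The pointer assigned by `str= new (thd->mem_root) Item_string(thd, "", (uint) 0, je->s.cs);` is not checked for NULL before Json_schema_pattern::handle_keyword continues to `re.init(je->s.cs, 0)`. The identical assignment in Json_schema_pattern_properties::handle_keyword has the same gap. If this placement form returns NULL when the mem_root allocation fails (the usual behaviour, but confirm for this class), a later use of `str` becomes a null dereference under memory pressure instead of a clean error. I would add `if (!str) return true;` after each assignment, and give the `pattern` returned by `make_string_literal()` in the first function the same check. Both functions start and end outside the visible hunks, so a check further down cannot be ruled out from here.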


@ -362,7 +362,7 @@ class Json_schema_contains : public Json_schema_keyword
const char* key_start,
const char* key_end,
List<Json_schema_keyword> *all_keywords) override;
void set_dependents(Json_schema_keyword *min, Json_schema_keyword *max)
void set_dependents(Json_schema_keyword *min, Json_schema_keyword *max) override
{
min_contains= min;
max_contains= max;


@ -61,8 +61,8 @@ uchar* get_key_name(const char *key_name, size_t *length,
void json_get_normalized_string(json_engine_t *je, String *res,
int *error)
{
char *val_begin= (char*)je->value, *val_end;
String val;
char *val_begin= (char*)je->value, *val_end= NULL;
String val("",0,je->s.cs);
DYNAMIC_STRING a_res;
if (init_dynamic_string(&a_res, NULL, 0, 0))