diff options
| author | tnurnberg@salvation.intern.azundris.com <> | 2006-09-04 07:01:15 +0200 |
|---|---|---|
| committer | tnurnberg@salvation.intern.azundris.com <> | 2006-09-04 07:01:15 +0200 |
| commit | 72c6c14bb20dfe3a92d051f38b235e1eab85318e (patch) | |
| tree | bcb6c9789802615a73170658c26a532ec0799ac2 | |
| parent | 46b3997c514fac4b991209d8679b12698bf5103f (diff) | |
| parent | 41f19324886d62935728a033e6135b77b0b21e77 (diff) | |
| download | mariadb-git-72c6c14bb20dfe3a92d051f38b235e1eab85318e.tar.gz | |
Merge salvation.intern.azundris.com:/home/tnurnberg/21913/my41-21913
into salvation.intern.azundris.com:/home/tnurnberg/21913/my50-21913
21913: DATE_FORMAT() Crashes mysql server if I use it through mysql-connector-j driver.
Variable character_set_results can legally be NULL (for "no conversion.")
This could result in a NULL deref that crashed the server. Fixed.
(Although ran some additional precursory tests to see whether I could break
anything else, but no breakage so far.)
| -rw-r--r-- | mysql-test/r/func_time.result | 12 | ||||
| -rw-r--r-- | mysql-test/t/func_time.test | 18 | ||||
| -rw-r--r-- | sql/sql_string.cc | 7 |
3 files changed, 36 insertions, 1 deletions
diff --git a/mysql-test/r/func_time.result b/mysql-test/r/func_time.result index db696f61fed..42a040e0613 100644 --- a/mysql-test/r/func_time.result +++ b/mysql-test/r/func_time.result @@ -960,3 +960,15 @@ id day id day 3 2005-07-01 3 2005-07-15 DROP TABLE t1,t2; set time_zone= @@global.time_zone; +SET NAMES latin1; +SET character_set_results = NULL; +SHOW VARIABLES LIKE 'character_set_results'; +Variable_name Value +character_set_results +CREATE TABLE testBug8868 (field1 DATE, field2 VARCHAR(32) CHARACTER SET BINARY); +INSERT INTO testBug8868 VALUES ('2006-09-04', 'abcd'); +SELECT DATE_FORMAT(field1,'%b-%e %l:%i%p') as fmtddate, field2 FROM testBug8868; +fmtddate field2 +Sep-4 12:00AM abcd +DROP TABLE testBug8868; +SET NAMES DEFAULT; diff --git a/mysql-test/t/func_time.test b/mysql-test/t/func_time.test index 6aaf51b0acb..2d9c872f0b3 100644 --- a/mysql-test/t/func_time.test +++ b/mysql-test/t/func_time.test @@ -534,3 +534,21 @@ DROP TABLE t1,t2; # Restore timezone to default set time_zone= @@global.time_zone; + +# +# 21913: DATE_FORMAT() Crashes mysql server if I use it through +# mysql-connector-j driver. +# + +SET NAMES latin1; +SET character_set_results = NULL; +SHOW VARIABLES LIKE 'character_set_results'; + +CREATE TABLE testBug8868 (field1 DATE, field2 VARCHAR(32) CHARACTER SET BINARY); +INSERT INTO testBug8868 VALUES ('2006-09-04', 'abcd'); + +SELECT DATE_FORMAT(field1,'%b-%e %l:%i%p') as fmtddate, field2 FROM testBug8868; + +DROP TABLE testBug8868; + +SET NAMES DEFAULT; diff --git a/sql/sql_string.cc b/sql/sql_string.cc index 79228be8a76..7aaca809113 100644 --- a/sql/sql_string.cc +++ b/sql/sql_string.cc @@ -248,6 +248,10 @@ bool String::copy(const char *str,uint32 arg_length, CHARSET_INFO *cs) 0 No conversion needed 1 Either character set conversion or adding leading zeros (e.g. for UCS-2) must be done + + NOTE + to_cs may be NULL for "no conversion" if the system variable + character_set_results is NULL. */ bool String::needs_conversion(uint32 arg_length, @@ -256,7 +260,8 @@ bool String::needs_conversion(uint32 arg_length, uint32 *offset) { *offset= 0; - if ((to_cs == &my_charset_bin) || + if (!to_cs || + (to_cs == &my_charset_bin) || (to_cs == from_cs) || my_charset_same(from_cs, to_cs) || ((from_cs == &my_charset_bin) && |