diff options
| author | Gleb Shchepa <gshchepa@mysql.com> | 2010-08-15 11:56:14 +0400 |
|---|---|---|
| committer | Gleb Shchepa <gshchepa@mysql.com> | 2010-08-15 11:56:14 +0400 |
| commit | eebecee7d3559281e30c13027f77782aec131f29 (patch) | |
| tree | 4738931efbb3d3e34d0da2612a5709eaa585b9ef | |
| parent | 7f8627e36bd77bf418dbec50f10566d5917d3a1c (diff) | |
| parent | 45a87c685b1378d3840df3e391134afb01dead6f (diff) | |
| download | mariadb-git-eebecee7d3559281e30c13027f77782aec131f29.tar.gz | |
automerge 5.1-security --> 5.5-security (bug 55424)
| -rw-r--r-- | mysql-test/r/timezone2.result | 12 | ||||
| -rw-r--r-- | mysql-test/t/timezone2.test | 9 | ||||
| -rw-r--r-- | sql/sql_string.h | 2 | ||||
| -rw-r--r-- | sql/tztime.cc | 2 |
4 files changed, 23 insertions, 2 deletions
diff --git a/mysql-test/r/timezone2.result b/mysql-test/r/timezone2.result index 2948bb8ecec..e2e337628ce 100644 --- a/mysql-test/r/timezone2.result +++ b/mysql-test/r/timezone2.result @@ -296,4 +296,16 @@ CONVERT_TZ(NOW(), 'UTC', 'Europe/Moscow') IS NULL UPDATE t1 SET t = CONVERT_TZ(t, 'UTC', 'Europe/Moscow'); UNLOCK TABLES; DROP TABLE t1; +# +# Bug #55424: convert_tz crashes when fed invalid data +# +CREATE TABLE t1 (a SET('x') NOT NULL); +INSERT INTO t1 VALUES (''); +SELECT CONVERT_TZ(1, a, 1) FROM t1; +CONVERT_TZ(1, a, 1) +NULL +SELECT CONVERT_TZ(1, 1, a) FROM t1; +CONVERT_TZ(1, 1, a) +NULL +DROP TABLE t1; End of 5.1 tests diff --git a/mysql-test/t/timezone2.test b/mysql-test/t/timezone2.test index 15ddceb8d68..c4445da107c 100644 --- a/mysql-test/t/timezone2.test +++ b/mysql-test/t/timezone2.test @@ -273,5 +273,14 @@ UNLOCK TABLES; DROP TABLE t1; +--echo # +--echo # Bug #55424: convert_tz crashes when fed invalid data +--echo # + +CREATE TABLE t1 (a SET('x') NOT NULL); +INSERT INTO t1 VALUES (''); +SELECT CONVERT_TZ(1, a, 1) FROM t1; +SELECT CONVERT_TZ(1, 1, a) FROM t1; +DROP TABLE t1; --echo End of 5.1 tests diff --git a/sql/sql_string.h b/sql/sql_string.h index 0ce67108423..d21b5353b76 100644 --- a/sql/sql_string.h +++ b/sql/sql_string.h @@ -104,7 +104,7 @@ public: inline uint32 alloced_length() const { return Alloced_length;} inline char& operator [] (uint32 i) const { return Ptr[i]; } inline void length(uint32 len) { str_length=len ; } - inline bool is_empty() { return (str_length == 0); } + inline bool is_empty() const { return (str_length == 0); } inline void mark_as_const() { Alloced_length= 0;} inline const char *ptr() const { return Ptr; } inline char *c_ptr() diff --git a/sql/tztime.cc b/sql/tztime.cc index 43d43123158..a2f319d4307 100644 --- a/sql/tztime.cc +++ b/sql/tztime.cc @@ -2300,7 +2300,7 @@ my_tz_find(THD *thd, const String *name) DBUG_PRINT("enter", ("time zone name='%s'", name ? ((String *)name)->c_ptr_safe() : "NULL")); - if (!name) + if (!name || name->is_empty()) DBUG_RETURN(0); mysql_mutex_lock(&tz_LOCK); |