diff options
| author | unknown <malff/marcsql@weblab.(none)> | 2007-08-29 14:50:32 -0600 |
|---|---|---|
| committer | unknown <malff/marcsql@weblab.(none)> | 2007-08-29 14:50:32 -0600 |
| commit | b0f899e9779764aee7b08021a179599e27a209e8 (patch) | |
| tree | 61bd01778d20b6437e16ed980da1cdd23f4ca5e1 /mysql-test/r/comments.result | |
| parent | 3d5440505cf530404b7b4d9ef544718ffb8c637f (diff) | |
| download | mariadb-git-b0f899e9779764aee7b08021a179599e27a209e8.tar.gz | |
Bug#28779 (mysql_query() allows execution of statements with unbalanced
comments)
Before this fix, the server would accept queries that contained comments,
even when the comments were not properly closed with a '*' '/' marker.
For example,
select 1 /* + 2 <EOF>
would be accepted as
select 1 /* + 2 */ <EOF>
and executed as
select 1
With this fix, the server now rejects queries with unclosed comments
as syntax errors.
Both regular comments ('/' '*') and special comments ('/' '*' '!') must be
closed with '*' '/' to be parsed correctly.
mysql-test/r/comments.result:
Unbalanced comments are a syntax error.
mysql-test/t/comments.test:
Unbalanced comments are a syntax error.
sql/sql_lex.cc:
Unbalanced comments are a syntax error.
Diffstat (limited to 'mysql-test/r/comments.result')
| -rw-r--r-- | mysql-test/r/comments.result | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/mysql-test/r/comments.result b/mysql-test/r/comments.result index a9106ce0538..1040c3fc8e9 100644 --- a/mysql-test/r/comments.result +++ b/mysql-test/r/comments.result @@ -26,3 +26,18 @@ select 1 # The rest of the row will be ignored 1 1 /* line with only comment */; +drop table if exists table_28779; +create table table_28779 (a int); +prepare bar from "DELETE FROM table_28779 WHERE a = 7 OR 1=1/*' AND b = 'bar';"; +ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '/*' AND b = 'bar'' at line 1 +prepare bar from "DELETE FROM table_28779 WHERE a = 7 OR 1=1/*' AND b = 'bar';*"; +ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '/*' AND b = 'bar';*' at line 1 +prepare bar from "DELETE FROM table_28779 WHERE a = 7 OR 1=1/*! AND 2=2;"; +ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 +prepare bar from "DELETE FROM table_28779 WHERE a = 7 OR 1=1/*! AND 2=2;*"; +ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ';*' at line 1 +prepare bar from "DELETE FROM table_28779 WHERE a = 7 OR 1=1/*!98765' AND b = 'bar';"; +ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '/*!98765' AND b = 'bar'' at line 1 +prepare bar from "DELETE FROM table_28779 WHERE a = 7 OR 1=1/*!98765' AND b = 'bar';*"; +ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '/*!98765' AND b = 'bar';*' at line 1 +drop table table_28779; |