Bug#44332 my_xml_scan reads behind the end of buffer

Problem: the scanner function tested for strings "<![CDATA[" and
"-->" without checking input string boundaries, which led to valgrind's
"Conditional jump or move depends on uninitialised value(s)" error.

Fix: Adding boundary checking.

  @ mysql-test/r/xml.result
  @ mysql-test/t/xml.test
  Adding test

  @ strings/xml.c
  Adding a helper function my_xml_parser_prefix_cmp(),
  with input string boundary check.

1 files changed, 11 insertions, 0 deletions

diff --git a/mysql-test/r/xml.result b/mysql-test/r/xml.result
index 92f84381415..0a71a596505 100644
--- a/mysql-test/r/xml.result
+++ b/mysql-test/r/xml.result
@@ -1113,4 +1113,15 @@ SELECT UPDATEXML(NULL, (LPAD(0.1111E-15, '2011', 1)), 1);
 ERROR 22007: Illegal double '111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111' value found during parsing
 SELECT EXTRACTVALUE('', LPAD(0.1111E-15, '2011', 1));
 ERROR 22007: Illegal double '111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111' value found during parsing
+#
+# Bug #44332 	my_xml_scan reads behind the end of buffer
+#
+SELECT UPDATEXML(CONVERT(_latin1'<' USING utf8),'1','1');
+UPDATEXML(CONVERT(_latin1'<' USING utf8),'1','1')
+NULL
+Warnings:
+Warning	1525	Incorrect XML value: 'parse error at line 1 pos 2: END-OF-INPUT unexpected (ident or '/' wanted)'
+SELECT UPDATEXML(CONVERT(_latin1'<!--' USING utf8),'1','1');
+UPDATEXML(CONVERT(_latin1'<!--' USING utf8),'1','1')
+NULL
 End of 5.1 tests