diff options
author | Evgeny Potemkin <epotemkin@mysql.com> | 2010-11-04 16:18:27 +0300 |
---|---|---|
committer | Evgeny Potemkin <epotemkin@mysql.com> | 2010-11-04 16:18:27 +0300 |
commit | ccbf81d5ff87c10e423abbcab385552c7dca7403 (patch) | |
tree | b06df733326a27bfe4c649b142323518161c1d3c /sql/item.h | |
parent | 2a4f50a5df9bc457928f07493618286814444f25 (diff) | |
download | mariadb-git-ccbf81d5ff87c10e423abbcab385552c7dca7403.tar.gz |
Bug#57278: Crash on min/max + with date out of range.
MySQL officially supports DATE values starting from 1000-01-01. This is
enforced for int values, but not for string values, thus one
could easily insert '0001-01-01' value. Int values are checked by
number_to_datetime function and Item_cache_datetime::val_str uses it
to fill MYSQL_TIME struct out of cached int value. This leads to the
scenario where Item_cache_datetime caches a non-null datetime value and when
it tries to convert it from int to string number_to_datetime function
treats the value as out-of-range and returns an error and
Item_cache_datetime::val_str returns NULL for a non-null value. Due to this
inconsistency server crashes.
Now number_to_datetime allows DATE values below 1000-01-01 if the
TIME_FUZZY_DATE flag is set. Better NULL handling for Item_cache_datetime.
Added the Item_cache_datetime::store function to reset str_value_cached flag
when an item is stored.
Diffstat (limited to 'sql/item.h')
-rw-r--r-- | sql/item.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sql/item.h b/sql/item.h index 8e8199ecac8..b46f78853b7 100644 --- a/sql/item.h +++ b/sql/item.h @@ -3451,8 +3451,8 @@ public: cmp_context= STRING_RESULT; } - virtual void store(Item *item) { Item_cache::store(item); } void store(Item *item, longlong val_arg); + void store(Item *item); double val_real(); longlong val_int(); String* val_str(String *str); |