Bug #32124: crash if prepared statements refer to variables in the where clause

The code to get read the value of a system variable was extracting its value on PREPARE stage and was substituting the value (as a constant) into the parse tree. Note that this must be a reversible transformation, i.e. it must be reversed before each re-execution. Unfortunately this cannot be reliably done using the current code, because there are other non-reversible source tree transformations that can interfere with this reversible transformation. Fixed by not resolving the value at PREPARE, but at EXECUTE (as the rest of the functions operate). Added a cache of the value (so that it's constant throughout the execution of the query). Note that the cache also caches NULL values. Updated an obsolete related test suite (variables-big) and the code to test the result type of system variables (as per bug 74). mysql-test/extra/rpl_tests/rpl_insert_id.test: Bug #32124: removed ambiguous testcase mysql-test/r/innodb_data_home_dir_basic.result: Bug #32124: fixed wrong test case mysql-test/r/innodb_flush_method_basic.result: Bug #32124: fixed wrong test case mysql-test/r/ps_11bugs.result: Bug #32124: test case mysql-test/r/ssl_capath_basic.result: Bug #32124: fixed wrong test case mysql-test/r/ssl_cipher_basic.result: Bug #32124: fixed wrong test case mysql-test/r/variables.result: Bug #32124: system vars are shown as such in EXPLAIN EXTENDED, not as constants. mysql-test/suite/rpl/r/rpl_insert_id.result: Bug #32124: removed ambiguous testcase mysql-test/t/ps_11bugs.test: Bug #32124: test case sql/item.cc: Bug #32124: placed the code to convert string to longlong or double to a function (so that it can be reused) sql/item.h: Bug #32124: placed the code to convert string to longlong or double to a function (so that it can be reused) sql/item_func.cc: Bug #32124: moved the evaluation of system variables at runtime (val_xxx). sql/item_func.h: Bug #32124: moved the evaluation of system variables at runtime (val_xxx). sql/set_var.cc: Bug #32124: removed the code that calculated the system variable's value at PREPARE sql/set_var.h: Bug #32124: removed the code that calculated the system variable's value at PREPARE tests/mysql_client_test.c: Bug #32124 : removed the reading of the system variable, because its max length is depended on the system charset and client charset and can't be easily calculated.
author: Georgi Kodinov <kgeorge@mysql.com> 2008-10-08 14:23:53 +0300
committer: Georgi Kodinov <kgeorge@mysql.com> 2008-10-08 14:23:53 +0300
commit: 1744e15b05101b9cce52c3d1c9ce087e726f8a3c (patch)
tree: 9244a02dac3bb0b0d2dafbc410630a91346aba2f /sql/item_func.h
parent: c8bc29c2b8bd5c100c1355b1a6964a469a7beb10 (diff)
download: mariadb-git-1744e15b05101b9cce52c3d1c9ce087e726f8a3c.tar.gz
1 files changed, 23 insertions, 10 deletions
diff --git a/sql/item_func.h b/sql/item_func.h
index d84abdb6e56..778ffd5757f 100644
--- a/sql/item_func.h
+++ b/sql/item_func.h
@@ -55,7 +55,7 @@ public:
                   NOW_FUNC, TRIG_COND_FUNC,
                   SUSERVAR_FUNC, GUSERVAR_FUNC, COLLATE_FUNC,
                   EXTRACT_FUNC, CHAR_TYPECAST_FUNC, FUNC_SP, UDF_FUNC,
-                  NEG_FUNC };
+                  NEG_FUNC, GSYSVAR_FUNC };
   enum optimize_type { OPTIMIZE_NONE,OPTIMIZE_KEY,OPTIMIZE_OP, OPTIMIZE_NULL,
                        OPTIMIZE_EQUAL };
   enum Type type() const { return FUNC_ITEM; }
@@ -1426,24 +1426,36 @@ public:
 
 /* A system variable */
 
+#define GET_SYS_VAR_CACHE_LONG     1
+#define GET_SYS_VAR_CACHE_DOUBLE   2
+#define GET_SYS_VAR_CACHE_STRING   4
+
 class Item_func_get_system_var :public Item_func
 {
   sys_var *var;
   enum_var_type var_type;
   LEX_STRING component;
+  longlong cached_llval;
+  double cached_dval;
+  String cached_strval;
+  my_bool cached_null_value;
+  query_id_t used_query_id;
+  uchar cache_present;
+
 public:
   Item_func_get_system_var(sys_var *var_arg, enum_var_type var_type_arg,
                            LEX_STRING *component_arg, const char *name_arg,
                            size_t name_len_arg);
-  bool fix_fields(THD *thd, Item **ref);
-  /*
-    Stubs for pure virtual methods. Should never be called: this
-    item is always substituted with a constant in fix_fields().
-  */
-  double val_real()         { DBUG_ASSERT(0); return 0.0; }
-  longlong val_int()        { DBUG_ASSERT(0); return 0; }
-  String* val_str(String*)  { DBUG_ASSERT(0); return 0; }
-  void fix_length_and_dec() { DBUG_ASSERT(0); }
+  enum Functype functype() const { return GSYSVAR_FUNC; }
+  void fix_length_and_dec();
+  void print(String *str, enum_query_type query_type);
+  bool const_item() const { return true; }
+  table_map used_tables() const { return 0; }
+  enum Item_result result_type() const;
+  enum_field_types field_type() const;
+  double val_real();
+  longlong val_int();
+  String* val_str(String*);
   /* TODO: fix to support views */
   const char *func_name() const { return "get_system_var"; }
   /**
@@ -1455,6 +1467,7 @@ public:
     @return true if the variable is written to the binlog, false otherwise.
   */
   bool is_written_to_binlog();
+  bool eq(const Item *item, bool binary_cmp) const;
 };
author	Georgi Kodinov <kgeorge@mysql.com>	2008-10-08 14:23:53 +0300
committer	Georgi Kodinov <kgeorge@mysql.com>	2008-10-08 14:23:53 +0300
commit	1744e15b05101b9cce52c3d1c9ce087e726f8a3c (patch)
tree	9244a02dac3bb0b0d2dafbc410630a91346aba2f /sql/item_func.h
parent	c8bc29c2b8bd5c100c1355b1a6964a469a7beb10 (diff)
download	mariadb-git-1744e15b05101b9cce52c3d1c9ce087e726f8a3c.tar.gz