diff options
| author | Sergey Glukhov <sergey.glukhov@oracle.com> | 2010-12-21 14:34:11 +0300 |
|---|---|---|
| committer | Sergey Glukhov <sergey.glukhov@oracle.com> | 2010-12-21 14:34:11 +0300 |
| commit | e2db8e6ccb2655ec5706305b491540ad3f1c8267 (patch) | |
| tree | f5ef5d20bde3490e4a43f28f7b52f2cd24952564 /sql/item_sum.h | |
| parent | d5bf6b8aa8bb1c745abeb5e245f0398858ca1461 (diff) | |
| download | mariadb-git-e2db8e6ccb2655ec5706305b491540ad3f1c8267.tar.gz | |
Bug#58030 crash in Item_func_geometry_from_text::val_str
Item_sum_max/Item_sum_min incorrectly set null_value flag and
attempt to get result in parent functions leads to crash.
This happens due to double evaluation of the function argumet.
First evaluation happens in the comparator and second one
happens in Item_cache::cache_value().
The fix is to introduce new Item_cache object which
holds result of the argument and use this cached value
as an argument of the comparator.
mysql-test/r/func_group.result:
test case
mysql-test/t/func_group.test:
test case
sql/item.cc:
added assertion that ether we have some result or result is NULL.
sql/item_sum.cc:
introduce new Item_cache object which
holds result of the argument and use this cached value
as an argument of the comparator.
sql/item_sum.h:
introduce new Item_cache object which
holds result of the argument and use this cached value
as an argument of the comparator.
Diffstat (limited to 'sql/item_sum.h')
| -rw-r--r-- | sql/item_sum.h | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/sql/item_sum.h b/sql/item_sum.h index 26290a812f4..de988c196ec 100644 --- a/sql/item_sum.h +++ b/sql/item_sum.h @@ -823,7 +823,7 @@ class Item_cache; class Item_sum_hybrid :public Item_sum { protected: - Item_cache *value; + Item_cache *value, *arg_cache; Arg_comparator *cmp; Item_result hybrid_type; enum_field_types hybrid_field_type; @@ -832,14 +832,14 @@ protected: public: Item_sum_hybrid(Item *item_par,int sign) - :Item_sum(item_par), value(0), cmp(0), + :Item_sum(item_par), value(0), arg_cache(0), cmp(0), hybrid_type(INT_RESULT), hybrid_field_type(MYSQL_TYPE_LONGLONG), cmp_sign(sign), was_values(TRUE) { collation.set(&my_charset_bin); } Item_sum_hybrid(THD *thd, Item_sum_hybrid *item) - :Item_sum(thd, item), value(item->value), hybrid_type(item->hybrid_type), - hybrid_field_type(item->hybrid_field_type), cmp_sign(item->cmp_sign), - was_values(item->was_values) + :Item_sum(thd, item), value(item->value), arg_cache(0), + hybrid_type(item->hybrid_type), hybrid_field_type(item->hybrid_field_type), + cmp_sign(item->cmp_sign), was_values(item->was_values) { } bool fix_fields(THD *, Item **); void setup_hybrid(Item *item, Item *value_arg); |