Bug#46259: 5.0.83 -> 5.1.36, query doesn't work

      
The parser rule for expressions in a udf parameter list contains 
two hacks: 
First, the parser input stream is read verbatim, bypassing 
the lexer.
Second, the Item::name field is overwritten. If the argument to a
udf was a field, the field's name as seen by name resolution was
overwritten this way.
If the field name was quoted or escaped, it would appear as e.g. "`field`".
Fixed by not overwriting field names.

mysql-test/r/udf.result:
  Bug#46259: Test result.
mysql-test/t/udf.test:
  Bug#46259: Test case.
sql/sql_yacc.yy:
  Bug#46259: Fix.

1 files changed, 7 insertions, 1 deletions

diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy
index a18f57bf9cf..db97e77bbd0 100644
--- a/sql/sql_yacc.yy
+++ b/sql/sql_yacc.yy
@@ -7921,7 +7921,13 @@ udf_expr:
               $2->is_autogenerated_name= FALSE;
               $2->set_name($4.str, $4.length, system_charset_info);
             }
-            else
+            /* 
+               A field has to have its proper name in order for name
+               resolution to work, something we are only guaranteed if we
+               parse it out. If we hijack the input stream with
+               remember_name we may get quoted or escaped names.
+            */
+            else if ($2->type() != Item::FIELD_ITEM)
               $2->set_name($1, (uint) ($3 - $1), YYTHD->charset());
             $$= $2;
           }