diff options
| author | monty@mysql.com <> | 2004-04-28 03:37:45 +0300 |
|---|---|---|
| committer | monty@mysql.com <> | 2004-04-28 03:37:45 +0300 |
| commit | edc584accec0be3f99f686d1b157d5ec12428f1e (patch) | |
| tree | 2b509e76781756629036bcda0b2d4095f6d393d6 /sql | |
| parent | 93797a0dffc42f812e55ab089847b804ee8c7204 (diff) | |
| download | mariadb-git-edc584accec0be3f99f686d1b157d5ec12428f1e.tar.gz | |
Fixed stack overrun with some INSERT ... SELECT ... GROUP BY queries (Bug #3265)
Ensure that raid_chunks is not set to higher than 255 as this could cause problems with DROP DATABASE. (Bug #3182)
Diffstat (limited to 'sql')
| -rw-r--r-- | sql/item.cc | 12 | ||||
| -rw-r--r-- | sql/item.h | 1 | ||||
| -rw-r--r-- | sql/sql_insert.cc | 12 | ||||
| -rw-r--r-- | sql/table.cc | 5 |
4 files changed, 25 insertions, 5 deletions
diff --git a/sql/item.cc b/sql/item.cc index fcc9372773a..739b5385b55 100644 --- a/sql/item.cc +++ b/sql/item.cc @@ -322,6 +322,15 @@ String *Item_copy_string::val_str(String *str) return &str_value; } +bool Item_copy_string::save_in_field(Field *field, bool no_conversions) +{ + if (null_value) + return set_field_to_null(field); + field->set_notnull(); + field->store(str_value.ptr(), str_value.length()); + return 0; +} + /* ** Functions to convert item to field (for send_fields) */ @@ -520,7 +529,10 @@ bool Item::save_in_field(Field *field, bool no_conversions) str_value.set_quick(buff,sizeof(buff)); result=val_str(&str_value); if (null_value) + { + str_value.set_quick(0, 0); return set_field_to_null_with_conversions(field, no_conversions); + } field->set_notnull(); field->store(result->ptr(),result->length()); str_value.set_quick(0, 0); diff --git a/sql/item.h b/sql/item.h index f96f4cd506a..f6f9e1c0621 100644 --- a/sql/item.h +++ b/sql/item.h @@ -499,6 +499,7 @@ public: String *val_str(String*); void make_field(Send_field *field) { item->make_field(field); } void copy(); + bool save_in_field(Field *field, bool no_conversions); table_map used_tables() const { return (table_map) 1L; } bool const_item() const { return 0; } bool is_null() { return null_value; } diff --git a/sql/sql_insert.cc b/sql/sql_insert.cc index b09294cad6f..94e2f8f8850 100644 --- a/sql/sql_insert.cc +++ b/sql/sql_insert.cc @@ -391,6 +391,7 @@ int write_record(TABLE *table,COPY_INFO *info) { int error; char *key=0; + DBUG_ENTER("write_record"); info->records++; if (info->handle_duplicates == DUP_REPLACE) @@ -474,14 +475,14 @@ int write_record(TABLE *table,COPY_INFO *info) info->copied++; if (key) my_safe_afree(key,table->max_unique_length,MAX_KEY_LENGTH); - return 0; + DBUG_RETURN(0); err: if (key) my_afree(key); info->last_errno= error; table->file->print_error(error,MYF(0)); - return 1; + DBUG_RETURN(1); } @@ -1342,24 +1343,25 @@ select_insert::~select_insert() bool select_insert::send_data(List<Item> &values) { + DBUG_ENTER("select_insert::send_data"); if (thd->offset_limit) { // using limit offset,count thd->offset_limit--; - return 0; + DBUG_RETURN(0); } if (fields->elements) fill_record(*fields, values, 1); else fill_record(table->field, values, 1); if (write_record(table,&info)) - return 1; + DBUG_RETURN(1); if (table->next_number_field) // Clear for next record { table->next_number_field->reset(); if (! last_insert_id && thd->insert_id_used) last_insert_id=thd->insert_id(); } - return 0; + DBUG_RETURN(0); } diff --git a/sql/table.cc b/sql/table.cc index 01a09426634..7e6338a3f3f 100644 --- a/sql/table.cc +++ b/sql/table.cc @@ -1040,6 +1040,11 @@ File create_frm(register my_string name, uint reclength, uchar *fileinfo, if (create_info->min_rows > ~(ulong) 0) create_info->min_rows= ~(ulong) 0; #endif + /* + Ensure that raid_chunks can't be larger than 255, as this would cause + problems with drop database + */ + set_if_smaller(create_info->raid_chunks, 255); if ((file=my_create(name,CREATE_MODE,O_RDWR | O_TRUNC,MYF(MY_WME))) >= 0) { |