Bug #20569 Garbage in DECIMAL results from some mathematical functions

Adding decimal "digits" in multiplication resulted in signed overflow and producing wrong results. Fixed by using large enough buffers and intermediary result types : dec2 (currently longlong) to hold result of adding decimal "digits" (currently int32).
author: gkodinov@mysql.com <> 2006-07-06 13:18:05 +0300
committer: gkodinov@mysql.com <> 2006-07-06 13:18:05 +0300
commit: 732b175c296ee6e858d181b5b2bf4cfc19f18598 (patch)
tree: 2e3ef4ddaedcb26307cc9412256ab6f787169763 /strings
parent: 3cc6d95d18a6a94f1f6d920b5fb5f11564cf92b9 (diff)
download: mariadb-git-732b175c296ee6e858d181b5b2bf4cfc19f18598.tar.gz
1 files changed, 10 insertions, 3 deletions
diff --git a/strings/decimal.c b/strings/decimal.c
index 8786a513945..ecd92a54cc9 100644
--- a/strings/decimal.c
+++ b/strings/decimal.c
@@ -170,6 +170,7 @@ static const dec1 frac_max[DIG_PER_DEC1-1]={
 #define ADD(to, from1, from2, carry)  /* assume carry <= 1 */           \
         do                                                              \
         {                                                               \
+          DBUG_ASSERT((carry) <= 1);                                    \
           dec1 a=(from1)+(from2)+(carry);                               \
           if (((carry)= a >= DIG_BASE)) /* no division here! */         \
             a-=DIG_BASE;                                                \
@@ -179,7 +180,7 @@ static const dec1 frac_max[DIG_PER_DEC1-1]={
 #define ADD2(to, from1, from2, carry)                                   \
         do                                                              \
         {                                                               \
-          dec1 a=(from1)+(from2)+(carry);                               \
+          dec2 a=((dec2)(from1))+(from2)+(carry);                       \
           if (((carry)= a >= DIG_BASE))                                 \
             a-=DIG_BASE;                                                \
           if (unlikely(a >= DIG_BASE))                                  \
@@ -187,7 +188,7 @@ static const dec1 frac_max[DIG_PER_DEC1-1]={
             a-=DIG_BASE;                                                \
             carry++;                                                    \
           }                                                             \
-          (to)=a;                                                       \
+          (to)=(dec1) a;                                                \
         } while(0)
 
 #define SUB(to, from1, from2, carry) /* to=from1-from2 */               \
@@ -1998,7 +1999,13 @@ int decimal_mul(decimal_t *from1, decimal_t *from2, decimal_t *to)
       ADD2(*buf0, *buf0, lo, carry);
       carry+=hi;
     }
-    for (; carry; buf0--)
+    if (carry)
+    {
+      if (buf0 < to->buf)
+        return E_DEC_OVERFLOW;
+      ADD2(*buf0, *buf0, 0, carry);
+    }
+    for (buf0--; carry; buf0--)
     {
       if (buf0 < to->buf)
         return E_DEC_OVERFLOW;
author	gkodinov@mysql.com <>	2006-07-06 13:18:05 +0300
committer	gkodinov@mysql.com <>	2006-07-06 13:18:05 +0300
commit	732b175c296ee6e858d181b5b2bf4cfc19f18598 (patch)
tree	2e3ef4ddaedcb26307cc9412256ab6f787169763 /strings
parent	3cc6d95d18a6a94f1f6d920b5fb5f11564cf92b9 (diff)
download	mariadb-git-732b175c296ee6e858d181b5b2bf4cfc19f18598.tar.gz