3 files changed, 43 insertions, 8 deletions
diff --git a/mysql-test/r/ctype_recoding.result b/mysql-test/r/ctype_recoding.result
index 3f8ab75957b..4d7d33933cf 100644
--- a/mysql-test/r/ctype_recoding.result
+++ b/mysql-test/r/ctype_recoding.result
@@ -165,7 +165,7 @@ CREATE TABLE `good�����` (a int);
 ERROR HY000: Invalid utf8 character string: '�����'
 SET NAMES utf8;
 CREATE TABLE `good�����` (a int);
-ERROR HY000: Invalid utf8 character string: '�����` (a int)'
+ERROR HY000: Invalid utf8 character string: '�����'
 set names latin1;
 create table t1 (a char(10) character set koi8r, b text character set koi8r);
 insert into t1 values ('test','test');
diff --git a/sql/sql_lex.cc b/sql/sql_lex.cc
index 061a20679e7..b0b4256184c 100644
--- a/sql/sql_lex.cc
+++ b/sql/sql_lex.cc
@@ -32,10 +32,10 @@ sys_var_long_ptr trg_new_row_fake_var(0, 0);
 
 /* Macros to look like lex */
 
-#define yyGet()		*(lip->ptr++)
-#define yyGetLast()	lip->ptr[-1]
-#define yyPeek()	lip->ptr[0]
-#define yyPeek2()	lip->ptr[1]
+#define yyGet()		((uchar)*(lip->ptr++))
+#define yyGetLast()	((uchar)lip->ptr[-1])
+#define yyPeek()	((uchar)lip->ptr[0])
+#define yyPeek2()	((uchar)lip->ptr[1])
 #define yyUnget()	lip->ptr--
 #define yySkip()	lip->ptr++
 #define yyLength()	((uint) (lip->ptr - lip->tok_start)-1)
@@ -813,9 +813,11 @@ int MYSQLlex(void *arg, void *yythd)
 	  }
 	}
 #ifdef USE_MB
-	else if (var_length < 1)
-	  break;				// Error
-	lip->ptr+= var_length-1;
+	else if (use_mb(cs))
+        {
+          if ((var_length= my_ismbchar(cs, lip->ptr-1, lip->end_of_query)))
+            lip->ptr+= var_length-1;
+        }
 #endif
       }
       if (double_quotes)
diff --git a/tests/mysql_client_test.c b/tests/mysql_client_test.c
index 040ef4d050d..63137bdba93 100644
--- a/tests/mysql_client_test.c
+++ b/tests/mysql_client_test.c
@@ -16647,6 +16647,38 @@ static void test_bug41078(void)
   DBUG_VOID_RETURN;
 }
 
+
+/**
+  Bug#45010: invalid memory reads during parsing some strange statements
+*/
+
+static void test_bug45010()
+{
+  int rc;
+  const char query1[]= "select a.\x80",
+             query2[]= "describe `table\xef";
+
+  DBUG_ENTER("test_bug45010");
+  myheader("test_bug45010");
+
+  rc= mysql_query(mysql, "set names utf8");
+  myquery(rc);
+
+  /* \x80 (-128) could be used as a index of ident_map. */
+  rc= mysql_real_query(mysql, query1, sizeof(query1) - 1);
+  DIE_UNLESS(rc);
+
+  /* \xef (-17) could be used to skip 3 bytes past the buffer end. */
+  rc= mysql_real_query(mysql, query2, sizeof(query2) - 1);
+  DIE_UNLESS(rc);
+
+  rc= mysql_query(mysql, "set names default");
+  myquery(rc);
+
+  DBUG_VOID_RETURN;
+}
+
+
 /*
   Read and parse arguments and MySQL options from my.cnf
 */
@@ -16949,6 +16981,7 @@ static struct my_tests_st my_tests[]= {
 #endif
   { "test_bug41078", test_bug41078 },
   { "test_bug20023", test_bug20023 },
+  { "test_bug45010", test_bug45010 },
   { 0, 0 }
 };