From 6139d34c92bf9c2e1a2fe19b41c7e19f5cbe2787 Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 5 Jul 2007 18:24:48 +0300 Subject: Bug #29166: AsText() needs to know the maximum number of characters a IEEE double precision value can occupy to make sure there's enough buffer space. The number was too small to hold all possible values and this caused buffer overruns. Fixed by correcting the calculation of the maximum digits in a string representation of an IEEE double precision value as printed by String::qs_append(double). mysql-test/r/gis.result: Bug #29166: test case mysql-test/t/gis.test: Bug #29166: test case sql/spatial.cc: Bug #29166: correct calculation of the maximum digits in a string representation of a double --- mysql-test/t/gis.test | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'mysql-test/t/gis.test') diff --git a/mysql-test/t/gis.test b/mysql-test/t/gis.test index 95ccc6272e2..79743a0b8f4 100644 --- a/mysql-test/t/gis.test +++ b/mysql-test/t/gis.test @@ -570,4 +570,24 @@ create table t2 as select f2 as a from t1 union select f3 from t1; desc t2; select AsText(a) from t2; drop table t1, t2; + +# +# Bug #29166: MYsql crash when query is run +# + +# The test query itself is not logged : too large output. +# The real test is the second query : see if the first hasn't crashed the +# server +--disable_query_log +--disable_result_log +SELECT AsText(GeometryFromText(CONCAT( + 'MULTIPOLYGON(((', + REPEAT ('-0.00000000001234567890123456789012 -0.123456789012345678,', 1000), + '-0.00000000001234567890123456789012 -0.123456789012345678', + ')))' +))) AS a; +--enable_result_log +--enable_query_log +SELECT 1; + --echo End of 5.0 tests -- cgit v1.2.1