From eb47b226d268e7820a9153672798cf991a8fd0fa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vicen=C8=9Biu=20Ciorbaru?= <vicentiu@mariadb.org>
Date: Wed, 15 Apr 2015 16:23:43 +0300
Subject: MDEV-7820 Server crashes in in my_strcasecmp_utf8 on subquery in
 ORDER BY clause of GROUP_CONCAT

It is possible for Item_field to have a NULL field_name. This is true if
the Item_field is created based on a field in a temporary table that has
no name. It is thus necessary to do a null check before attempting a
strcmp.
---
 mysql-test/t/func_gconcat.test | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'mysql-test/t')

diff --git a/mysql-test/t/func_gconcat.test b/mysql-test/t/func_gconcat.test
index 936b93b49c9..20fbed702e9 100644
--- a/mysql-test/t/func_gconcat.test
+++ b/mysql-test/t/func_gconcat.test
@@ -803,3 +803,21 @@ create table t1 (a char(1) character set utf8);
 insert into t1 values ('a'),('b');
 select 1 from t1 where a in (select group_concat(a) from t1);
 drop table t1;
+
+#
+# MDEV-7820 Server crashes in in my_strcasecmp_utf8 on subquery in ORDER BY clause of GROUP_CONCAT
+#
+CREATE TABLE t1 (f1 VARCHAR(10)) ENGINE=MyISAM;
+INSERT INTO t1 VALUES ('a'),('b');
+
+CREATE TABLE t2 (f2 VARCHAR(10)) ENGINE=MyISAM;
+INSERT INTO t2 VALUES ('c');
+
+CREATE TABLE t3 (f3 VARCHAR(10)) ENGINE=MyISAM;
+INSERT INTO t3 VALUES ('d'),('e');
+
+SELECT GROUP_CONCAT( f2 ORDER BY ( f2 IN ( SELECT f1 FROM t1 WHERE f1 <= f2 ) ) ) AS field
+FROM ( SELECT * FROM t2 ) AS sq2, t3
+ORDER BY field;
+
+drop table t3, t2, t1;
-- 
cgit v1.2.1