From 368ac9f03ef9c1f0c9d02985c13708ac52cfbfaf Mon Sep 17 00:00:00 2001
From: Evgeny Potemkin
Date: Thu, 4 Nov 2010 16:18:27 +0300
Subject: Bug#57278: Crash on min/max + with date out of range.

MySQL officially supports DATE values starting from 1000-01-01. This is
enforced for int values, but not for string values, thus one could easily
insert the '0001-01-01' value. Int values are checked by the number_to_datetime
function and Item_cache_datetime::val_str uses it to fill the MYSQL_TIME struct
out of the cached int value. This leads to the scenario where
Item_cache_datetime caches a non-null datetime value and when it tries to
convert it from int to string the number_to_datetime function treats the value
as out-of-range and returns an error, and Item_cache_datetime::val_str returns
NULL for a non-null value. Due to this inconsistency the server crashes.

Now number_to_datetime allows DATE values below 1000-01-01 if the
TIME_FUZZY_DATE flag is set.
Better NULL handling for Item_cache_datetime.
Added the Item_cache_datetime::store function to reset the str_value_cached
flag when an item is stored.

mysql-test/r/type_date.result:
  Added a test case for the bug#57278.
mysql-test/t/type_date.test:
  Added a test case for the bug#57278.
sql-common/my_time.c:
  Bug#57278: Crash on min/max + with date out of range.
  Now number_to_datetime allows DATE values below 1000-01-01 if the
  TIME_FUZZY_DATE flag is set.
sql/item.cc:
  Bug#57278: Crash on min/max + with date out of range.
  Item_cache_datetime::val_str now better handles null_value.
---
 sql-common/my_time.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'sql-common')

diff --git a/sql-common/my_time.c b/sql-common/my_time.c
index ac6c2ace890..38384600fc1 100644
--- a/sql-common/my_time.c
+++ b/sql-common/my_time.c
@@ -1127,7 +1127,12 @@ longlong number_to_datetime(longlong nr, MYSQL_TIME *time_res, nr= (nr+19000000L)*1000000L; /* YYMMDD, year: 1970-1999 */ goto ok; } - if (nr < 10000101L) + /* + Though officially we support DATE values from 1000-01-01 only, one can + easily insert a value like 1-1-1. So, for consistency reasons such dates + are allowed when TIME_FUZZY_DATE is set. + */ + if (nr < 10000101L && !(flags & TIME_FUZZY_DATE)) goto err; if (nr <= 99991231L) { -- cgit v1.2.1
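Review bot: the new comment on the relaxed guard cites "a value like 1-1-1" as the motivating case, but a number of that shape (10101) never reaches this line: the YYMMDD branches visible just above it, ending with `nr= (nr+19000000L)*1000000L; /* YYMMDD, year: 1970-1999 */`, claim every value up to 991231 first, so 10101 is decoded as a two-digit year whether or not TIME_FUZZY_DATE is set. What `if (nr < 10000101L && !(flags & TIME_FUZZY_DATE))` actually admits is the band between 991231 and 10000101, i.e. seven-digit YYYMMDD numbers for years 100 to 999 together with malformed six-digit values such as 991232; the comment should name that range so the next reader does not assume year 1 is handled here. Because the hunk only widens the entry into the `if (nr <= 99991231L)` branch and the month/day validation after `ok:` is outside the visible lines, it would also help to say in the comment that values admitted this way are still subject to the later range checks rather than returned as-is, and to make sure the type_date test mentioned in the message covers a seven-digit value and not only '0001-01-01'.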
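To make the commit message's int-versus-string inconsistency concrete, here is a standalone C model of the date branches that number_to_datetime walks through, with the guard from the hunk in place. This is example code written for this page, not MySQL's own source: it assumes YY_PART_YEAR is 70 (the two-digit-year cut-off) and represents TIME_FUZZY_DATE as bit 1, and it does not model the 14-digit datetime branches or check_date(). It shows which numbers the relaxed guard newly admits (years 100 to 999) and that a malformed number in the same band is still rejected by the month/day range test that follows.

```c
#include <stdio.h>
#include <stddef.h>

/* Assumed values for this demo; the names follow MySQL's my_time.h. */
#define YY_PART_YEAR    70
#define TIME_FUZZY_DATE 1U

struct demo_date { int year, month, day; };

/*
 * Model of number_to_datetime()'s date-only branches.
 * Returns 1 and fills *out on success, 0 on the function's "err" path.
 */
int demo_number_to_date(long long nr, unsigned flags, struct demo_date *out)
{
    long long ymd;

    if (nr < 101)
        return 0;
    if (nr <= (YY_PART_YEAR - 1) * 10000LL + 1231)
        ymd = nr + 20000000LL;          /* YYMMDD, year: 2000-2069 */
    else if (nr < YY_PART_YEAR * 10000LL + 101)
        return 0;
    else if (nr <= 991231)
        ymd = nr + 19000000LL;          /* YYMMDD, year: 1970-1999 */
    /* The guard changed in the hunk: pre-1000 years pass only with the flag. */
    else if (nr < 10000101LL && !(flags & TIME_FUZZY_DATE))
        return 0;
    else if (nr <= 99991231LL)
        ymd = nr;                       /* YYYYMMDD */
    else
        return 0;                       /* datetime-length numbers: not modelled */

    out->year  = (int)(ymd / 10000);
    out->month = (int)(ymd / 100 % 100);
    out->day   = (int)(ymd % 100);

    /* The range test that follows "ok:" in the real function still applies,
       so a malformed number admitted by the relaxed guard is caught here.
       (check_date(), which handles zero-in-date cases, is not modelled.) */
    if (out->month > 12 || out->day > 31)
        return 0;
    return 1;
}

/* Convenience wrapper: the year nr decodes to, or -1 on the err path. */
int demo_year_of(long long nr, unsigned flags)
{
    struct demo_date d;
    return demo_number_to_date(nr, flags, &d) ? d.year : -1;
}

int main(void)
{
    /* Constructed sample inputs: '0001-01-01' as an int, a year-100 date,
       a malformed six-digit value, and the official lower bound. */
    static const long long samples[] = { 10101, 1000101, 991232, 10000101 };
    for (int pass = 0; pass < 2; pass++) {
        unsigned flags = pass ? TIME_FUZZY_DATE : 0;
        printf("flags=%s\n", pass ? "TIME_FUZZY_DATE" : "0");
        for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
            struct demo_date d;
            if (demo_number_to_date(samples[i], flags, &d))
                printf("  %lld -> %04d-%02d-%02d\n",
                       samples[i], d.year, d.month, d.day);
            else
                printf("  %lld -> err\n", samples[i]);
        }
    }
    return 0;
}
```

Running it shows the point the reviewer would check: 10101 (the int form of '0001-01-01') is consumed by the two-digit-year branch as 2001-01-01 in both passes, 1000101 flips from err to 0100-01-01 once TIME_FUZZY_DATE is set, 991232 is admitted by the relaxed guard but still fails the day range test, and 10000101 is accepted either way.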