From 980ba4934fc4e57bb107777d44631f92fb0c6fc7 Mon Sep 17 00:00:00 2001
From: Tor Didriksen <tor.didriksen@oracle.com>
Date: Mon, 18 Jul 2011 10:27:05 +0200
Subject: Bug#12368853 FORMAT() CRASHES WITH LARGE NUMBERS AFTER TRUNCATE...

---
 sql/item_strfunc.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'sql/item_strfunc.cc')

diff --git a/sql/item_strfunc.cc b/sql/item_strfunc.cc
index 9ea9cbc7312..55087879b98 100644
--- a/sql/item_strfunc.cc
+++ b/sql/item_strfunc.cc
@@ -2316,7 +2316,7 @@ String *Item_func_format::val_str_ascii(String *str)
       return 0; /* purecov: inspected */
     nr= my_double_round(nr, (longlong) dec, FALSE, FALSE);
     str->set_real(nr, dec, &my_charset_numeric);
-    if (isnan(nr))
+    if (isnan(nr) || my_isinf(nr))
       return str;
     str_length=str->length();
   }
@@ -2372,6 +2372,7 @@ String *Item_func_format::val_str_ascii(String *str)
       For short values without thousands (<1000)
       replace decimal point to localized value.
     */
+    DBUG_ASSERT(dec_length <= str_length);
     ((char*) str->ptr())[str_length - dec_length]= lc->decimal_point;
   }
   return str;
-- 
cgit v1.2.1