From 749d8dedc323154f4aa8a6e26dd464696e8c3fed Mon Sep 17 00:00:00 2001
From: Marc Olivier Bergeron <mocb28@gmail.com>
Date: Wed, 17 Nov 2021 17:14:27 +1100
Subject: MDEV-27066: Fixed scientific notation parsing bug

The bug occurs where the float token containing a dot with an 'e'
notation was dropped from the request completely.

This causes a manner of invalid SQL statements like:

select id 1.e, char 10.e(id 2.e), concat 3.e('a'12356.e,'b'1.e,'c'1.1234e)1.e, 12 1.e*2 1.e, 12 1.e/2 1.e, 12 1.e|2 1.e, 12 1.e^2 1.e, 12 1.e%2 1.e, 12 1.e&2 from test;

To be parsed correctly as if it was:

select id, char(id), concat('a','b','c'), 12*2, 12/2, 12|2, 12^2, 12%2, 12&2 from test.test;

This correct parsing occurs when e is followed by any of:

( ) . , | & % * ^ /
---
 sql/sql_lex.cc | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'sql/sql_lex.cc')

diff --git a/sql/sql_lex.cc b/sql/sql_lex.cc
index b7ed632ed12..ed0b4b36553 100644
--- a/sql/sql_lex.cc
+++ b/sql/sql_lex.cc
@@ -1664,8 +1664,7 @@ static int lex_one_token(YYSTYPE *yylval, THD *thd)
           c = lip->yyGet();                     // Skip sign
 	if (!my_isdigit(cs,c))
 	{				// No digit after sign
-	  state= MY_LEX_CHAR;
-	  break;
+	  return (ABORT_SYM);
 	}
         while (my_isdigit(cs,lip->yyGet())) ;
         yylval->lex_str=get_token(lip, 0, lip->yyLength());
-- 
cgit v1.2.1