diff options
| author | Oleksandr Byelkin <sanja@mariadb.com> | 2021-09-15 16:06:02 +0200 |
|---|---|---|
| committer | Oleksandr Byelkin <sanja@mariadb.com> | 2021-09-15 16:06:02 +0200 |
| commit | d667a01d0f74780907a27d26292f066efa405b68 (patch) | |
| tree | 77269884f02e5b20aab8765bf3d7a591e7d937e1 | |
| parent | 696de6d06c0eeaf7b20d5f89278ed7d62a9f204f (diff) | |
| download | mariadb-git-bb-10.2-MDEV-25766.tar.gz | |
MDEV-25766 Unused CTE lead to a crash in find_field_in_tables/find_order_in_listbb-10.2-MDEV-25766
Do not assume that subquery Item always present.
| -rw-r--r-- | mysql-test/r/cte_nonrecursive.result | 33 | ||||
| -rw-r--r-- | mysql-test/t/cte_nonrecursive.test | 36 | ||||
| -rw-r--r-- | sql/sql_base.cc | 7 |
3 files changed, 73 insertions, 3 deletions
diff --git a/mysql-test/r/cte_nonrecursive.result b/mysql-test/r/cte_nonrecursive.result index 2504e55d77c..98c5f711385 100644 --- a/mysql-test/r/cte_nonrecursive.result +++ b/mysql-test/r/cte_nonrecursive.result @@ -2086,4 +2086,37 @@ a b a b 1 3 1 3 drop procedure sp; drop table t1; +# +# MDEV-25766: Unused CTE lead to a crash in +# find_field_in_tables/find_order_in_list +# +create table t1 (f1 INTEGER); +create view v1 as +select +subq_0.c4 as c2, +subq_0.c4 as c4 +from +(select +ref_0.f1 as c4 +from +t1 as ref_0 +where (select 1) +) as subq_0 +order by c2, c4 desc; +WITH +unused_with AS (select +subq_0.c4 as c6 +from +(select +11 as c4 +from +v1 as ref_0 +) as subq_0, +v1 as ref_2 +) +select 1 ; +1 +1 +drop view v1; +drop table t1; # End of 10.2 tests diff --git a/mysql-test/t/cte_nonrecursive.test b/mysql-test/t/cte_nonrecursive.test index c20a0dc1d39..ad6cb8cbf43 100644 --- a/mysql-test/t/cte_nonrecursive.test +++ b/mysql-test/t/cte_nonrecursive.test @@ -1542,4 +1542,40 @@ call sp(); drop procedure sp; drop table t1; +--echo # +--echo # MDEV-25766: Unused CTE lead to a crash in +--echo # find_field_in_tables/find_order_in_list +--echo # + +create table t1 (f1 INTEGER); + +create view v1 as +select + subq_0.c4 as c2, + subq_0.c4 as c4 + from + (select + ref_0.f1 as c4 + from + t1 as ref_0 + where (select 1) + ) as subq_0 + order by c2, c4 desc; + +WITH +unused_with AS (select + subq_0.c4 as c6 + from + (select + 11 as c4 + from + v1 as ref_0 + ) as subq_0, + v1 as ref_2 +) +select 1 ; + +drop view v1; +drop table t1; + --echo # End of 10.2 tests diff --git a/sql/sql_base.cc b/sql/sql_base.cc index 9a66b27a454..0210bf356d4 100644 --- a/sql/sql_base.cc +++ b/sql/sql_base.cc @@ -6010,9 +6010,10 @@ find_field_in_tables(THD *thd, Item_ident *item, sl=sl->outer_select()) { Item *subs= sl->master_unit()->item; - if (subs->type() == Item::SUBSELECT_ITEM && - ((Item_subselect*)subs)->substype() == Item_subselect::IN_SUBS && - ((Item_in_subselect*)subs)->test_strategy(SUBS_SEMI_JOIN)) + if (!subs || + (subs->type() == Item::SUBSELECT_ITEM && + ((Item_subselect*)subs)->substype() == Item_subselect::IN_SUBS && + ((Item_in_subselect*)subs)->test_strategy(SUBS_SEMI_JOIN))) { continue; } |