diff options
| author | unknown <gshchepa/uchum@gleb.loc> | 2007-07-30 04:35:16 +0500 |
|---|---|---|
| committer | unknown <gshchepa/uchum@gleb.loc> | 2007-07-30 04:35:16 +0500 |
| commit | 33fc4ad4e124413ef617a1a073bb50135f6a12af (patch) | |
| tree | 217ada9fdf9cbaee6091b563f7c98f522334fb25 /sql/item.h | |
| parent | d86f0a1382c71a6e1bb4f7d8d42cf2b8336c02cc (diff) | |
| download | mariadb-git-33fc4ad4e124413ef617a1a073bb50135f6a12af.tar.gz | |
Fixed bug #30120.
SP with local variables with non-ASCII names crashed the server.
The server replaces SP local variable names with NAME_CONST calls
when putting statements into the binary log. It used UTF8-encoded
item names as variable names for the replacement inside NAME_CONST
calls. However, statement string may be encoded by any
known character set by the SET NAMES statement.
The server used byte length of UTF8-encoded names to increment
the position in the query string that led to array index overrun.
sql/item.cc:
Fixed bug #30120.
The Item_splocal class constructor has been modified to
accept new parameter `len_in_q': the byte length of
variable name in the query string.
sql/item.h:
Fixed bug #30120.
The Item_splocal class has been modified to keep new
field `len_in_query': the byte length of variable name in
the query string.
sql/sp_head.cc:
Fixed bug #30120.
The subst_spvars function has been modified to increment
position in the query string by the lengths of not
encoded variable names instead of byte length of names
encoded to UTF-8.
sql/sql_yacc.yy:
Fixed bug #30120.
The simple_ident rule action has been modified to
pass the byte length of the local variable name token
to the Item_splocal object constructor.
mysql-test/t/sp.test:
Updated test case for bug #30120.
mysql-test/r/sp.result:
Updated test case for bug #30120.
Diffstat (limited to 'sql/item.h')
| -rw-r--r-- | sql/item.h | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/sql/item.h b/sql/item.h index 72236cb5e63..23f6977a0f8 100644 --- a/sql/item.h +++ b/sql/item.h @@ -960,9 +960,18 @@ public: SP variable in query text. */ uint pos_in_query; + /* + Byte length of SP variable name in the statement (see pos_in_query). + The value of this field may differ from the name_length value because + name_length contains byte length of UTF8-encoded item name, but + the query string (see sp_instr_stmt::m_query) is currently stored with + a charset from the SET NAMES statement. + */ + uint len_in_query; Item_splocal(const LEX_STRING &sp_var_name, uint sp_var_idx, - enum_field_types sp_var_type, uint pos_in_q= 0); + enum_field_types sp_var_type, + uint pos_in_q= 0, uint len_in_q= 0); bool is_splocal() { return 1; } /* Needed for error checking */ |