BUG#30790 : Suspicious code in rpl_utility.cc

This patch clarifies some of the coding choices with documentationa and removes a limitation in the code for future expansion of the CHAR and BINARY fields to length > 255. sql/field.cc: BUG#30790 : Suspicious code in rpl_utility.cc This patch adds an assertion to ensure we are not attempting to encode negative values. sql/log_event.cc: BUG#30790 : Suspicious code in rpl_utility.cc This patch adds comments to help explain the choice of variable types. sql/rpl_utility.cc: BUG#30790 : Suspicious code in rpl_utility.cc This patch removes code from the calc_field_size that is not needed and was ambiguous. Originally intended to future expansion, the code was not needed. Also added are comments to help explain some portions of the code. A change was made to the korr method to use the unsigned version to avoid extended sign problems. sql/rpl_utility.h: BUG#30790 : Suspicious code in rpl_utility.cc This patch corrects some type discrepencies and removes an extra cast.
author: unknown <cbell/Chuck@mysql_cab_desk.> 2007-09-14 11:22:41 -0400
committer: unknown <cbell/Chuck@mysql_cab_desk.> 2007-09-14 11:22:41 -0400
commit: 431fd2c1aaa4991ae6fe65f321f3ee84397cc0ef (patch)
tree: 842348f926dc278b89c6761445c922cfa60b6090 /sql
parent: 0e466b540cdcdb94fb438753e6f987c26fd9d0dd (diff)
download: mariadb-git-431fd2c1aaa4991ae6fe65f321f3ee84397cc0ef.tar.gz
4 files changed, 41 insertions, 20 deletions
diff --git a/sql/field.cc b/sql/field.cc
index 1b01d626512..9e86e405512 100644
--- a/sql/field.cc
+++ b/sql/field.cc
@@ -6732,6 +6732,7 @@ const uint Field_varstring::MAX_SIZE= UINT_MAX16;
 int Field_varstring::do_save_field_metadata(uchar *metadata_ptr)
 {
   char *ptr= (char *)metadata_ptr;
+  DBUG_ASSERT(field_length <= 65535);
   int2store(ptr, field_length);
   return 2;
 }
diff --git a/sql/log_event.cc b/sql/log_event.cc
index 33442baaf90..0dee50c8179 100644
--- a/sql/log_event.cc
+++ b/sql/log_event.cc
@@ -6469,6 +6469,16 @@ void Rows_log_event::print_helper(FILE *file,
   data) in the table map are initialized as zero (0). The array size is the 
   same as the columns for the table on the slave.
 
+  Additionally, values saved for field metadata on the master are saved as a 
+  string of bytes (uchar) in the binlog. A field may require 1 or more bytes
+  to store the information. In cases where values require multiple bytes 
+  (e.g. values > 255), the endian-safe methods are used to properly encode 
+  the values on the master and decode them on the slave. When the field
+  metadata values are captured on the slave, they are stored in an array of
+  type uint16. This allows the least number of casts to prevent casting bugs
+  when the field metadata is used in comparisons of field attributes. When
+  the field metadata is used for calculating addresses in pointer math, the
+  type used is uint32. 
 */
 
 /**
diff --git a/sql/rpl_utility.cc b/sql/rpl_utility.cc
index d1ce5bf3b7b..b3ca26d4c2c 100644
--- a/sql/rpl_utility.cc
+++ b/sql/rpl_utility.cc
@@ -31,31 +31,34 @@ uint32 table_def::calc_field_size(uint col, uchar *master_data) const
   switch (type(col)) {
   case MYSQL_TYPE_NEWDECIMAL:
     length= my_decimal_get_binary_size(m_field_metadata[col] >> 8, 
-             m_field_metadata[col] - ((m_field_metadata[col] >> 8) << 8));
+                                       m_field_metadata[col] & 0xff);
     break;
   case MYSQL_TYPE_DECIMAL:
   case MYSQL_TYPE_FLOAT:
   case MYSQL_TYPE_DOUBLE:
     length= m_field_metadata[col];
     break;
+  /*
+    The cases for SET and ENUM are include for completeness, however
+    both are mapped to type MYSQL_TYPE_STRING and their real types
+    are encoded in the field metadata.
+  */
   case MYSQL_TYPE_SET:
   case MYSQL_TYPE_ENUM:
   case MYSQL_TYPE_STRING:
   {
-    if (((m_field_metadata[col] & 0xff00) == (MYSQL_TYPE_SET << 8)) ||
-        ((m_field_metadata[col] & 0xff00) == (MYSQL_TYPE_ENUM << 8)))
+    uchar type= m_field_metadata[col] >> 8U;
+    if ((type == MYSQL_TYPE_SET) || (type == MYSQL_TYPE_ENUM))
       length= m_field_metadata[col] & 0x00ff;
     else
     {
-      length= m_field_metadata[col] & 0x00ff;
-      DBUG_ASSERT(length > 0);
-      if (length > 255)
-      {
-        DBUG_ASSERT(uint2korr(master_data) > 0);
-        length= uint2korr(master_data) + 2;
-      }
-      else
-        length= (uint) *master_data + 1;
+      /*
+        We are reading the actual size from the master_data record
+        because this field has the actual lengh stored in the first
+        byte.
+      */
+      length= (uint) *master_data + 1;
+      DBUG_ASSERT(length != 0);
     }
     break;
   }
@@ -95,6 +98,13 @@ uint32 table_def::calc_field_size(uint col, uchar *master_data) const
     break;
   case MYSQL_TYPE_BIT:
   {
+    /*
+      Decode the size of the bit field from the master.
+        from_len is the length in bytes from the master
+        from_bit_len is the number of extra bits stored in the master record
+      If from_bit_len is not 0, add 1 to the length to account for accurate
+      number of bytes needed.
+    */
     uint from_len= (m_field_metadata[col] >> 8U) & 0x00ff;
     uint from_bit_len= m_field_metadata[col] & 0x00ff;
     DBUG_ASSERT(from_bit_len <= 7);
@@ -136,7 +146,7 @@ uint32 table_def::calc_field_size(uint col, uchar *master_data) const
       length= *master_data;
       break;
     case 2:
-      length= sint2korr(master_data);
+      length= uint2korr(master_data);
       break;
     case 3:
       length= uint3korr(master_data);
diff --git a/sql/rpl_utility.h b/sql/rpl_utility.h
index 4fd38022da0..f2ab34fe947 100644
--- a/sql/rpl_utility.h
+++ b/sql/rpl_utility.h
@@ -99,7 +99,7 @@ public:
           /*
             These types store a single byte.
           */
-          m_field_metadata[i]= (uchar)field_metadata[index];
+          m_field_metadata[i]= field_metadata[index];
           index++;
           break;
         }
@@ -107,14 +107,14 @@ public:
         case MYSQL_TYPE_ENUM:
         case MYSQL_TYPE_STRING:
         {
-          short int x= field_metadata[index++] << 8U; // real_type
-          x = x + field_metadata[index++];            // pack or field length
+          uint16 x= field_metadata[index++] << 8U; // real_type
+          x+= field_metadata[index++];            // pack or field length
           m_field_metadata[i]= x;
           break;
         }
         case MYSQL_TYPE_BIT:
         {
-          short int x= field_metadata[index++]; 
+          uint16 x= field_metadata[index++]; 
           x = x + (field_metadata[index++] << 8U);
           m_field_metadata[i]= x;
           break;
@@ -125,14 +125,14 @@ public:
             These types store two bytes.
           */
           char *ptr= (char *)&field_metadata[index];
-          m_field_metadata[i]= sint2korr(ptr);
+          m_field_metadata[i]= uint2korr(ptr);
           index= index + 2;
           break;
         }
         case MYSQL_TYPE_NEWDECIMAL:
         {
-          short int x= field_metadata[index++] << 8U; // precision
-          x = x + field_metadata[index++];            // decimals
+          uint16 x= field_metadata[index++] << 8U; // precision
+          x+= field_metadata[index++];            // decimals
           m_field_metadata[i]= x;
           break;
         }
author	unknown <cbell/Chuck@mysql_cab_desk.>	2007-09-14 11:22:41 -0400
committer	unknown <cbell/Chuck@mysql_cab_desk.>	2007-09-14 11:22:41 -0400
commit	431fd2c1aaa4991ae6fe65f321f3ee84397cc0ef (patch)
tree	842348f926dc278b89c6761445c922cfa60b6090 /sql
parent	0e466b540cdcdb94fb438753e6f987c26fd9d0dd (diff)
download	mariadb-git-431fd2c1aaa4991ae6fe65f321f3ee84397cc0ef.tar.gz