From 8f4af421459d01a48e66a3279c174ef17ed486c0 Mon Sep 17 00:00:00 2001 From: Alexander Barkov Date: Thu, 18 Nov 2010 16:11:18 +0300 Subject: Bug#57279 updatexml dies with: Assertion failed: str_arg[length] == 0 Problem: crash in Item_float constructor on DBUG_ASSERT due to not null-terminated string parameter. Fix: making Item_float::Item_float non-null-termintated parameter safe: - Using temporary buffer when generating error modified: @ mysql-test/r/xml.result @ mysql-test/t/xml.test @ sql/item.cc --- mysql-test/t/xml.test | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'mysql-test/t/xml.test') diff --git a/mysql-test/t/xml.test b/mysql-test/t/xml.test index 6e7d38cdfca..e9f137adf1b 100644 --- a/mysql-test/t/xml.test +++ b/mysql-test/t/xml.test @@ -617,4 +617,14 @@ FROM t1 ORDER BY t1.id; DROP TABLE t1; +--echo # +--echo # Bug#57279 updatexml dies with: Assertion failed: str_arg[length] == 0 +--echo # + +--error ER_ILLEGAL_VALUE_FOR_TYPE +SELECT UPDATEXML(NULL, (LPAD(0.1111E-15, '2011', 1)), 1); +--error ER_ILLEGAL_VALUE_FOR_TYPE +SELECT EXTRACTVALUE('', LPAD(0.1111E-15, '2011', 1)); + + --echo End of 5.1 tests -- cgit v1.2.1 From 76ce2feb5fb5a280049c49becad3806cd58db5c3 Mon Sep 17 00:00:00 2001 From: Alexander Barkov Date: Fri, 19 Nov 2010 18:24:29 +0300 Subject: Bug#58175 xml functions read initialized bytes when conversions happen Problem: nr_of_decimals could read behind the end of the buffer in case of a non-null-terminated string, which caused valgring warnings. Fix: fixing nr_of_decimals not to read behind the "end" pointer. modified: @ mysql-test/r/xml.result @ mysql-test/t/xml.test @ sql/item.cc --- mysql-test/t/xml.test | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'mysql-test/t/xml.test') diff --git a/mysql-test/t/xml.test b/mysql-test/t/xml.test index e9f137adf1b..4d5c5e1a91e 100644 --- a/mysql-test/t/xml.test +++ b/mysql-test/t/xml.test @@ -628,3 +628,18 @@ SELECT EXTRACTVALUE('', LPAD(0.1111E-15, '2011', 1)); --echo End of 5.1 tests + + +--echo # +--echo # Start of 5.5 tests +--echo # + +--echo # +--echo # Bug#58175 xml functions read initialized bytes when conversions happen +--echo # +SET NAMES latin1; +SELECT UPDATEXML(CONVERT('' USING swe7), TRUNCATE('',1), 0); + +--echo # +--echo # End of 5.5 tests +--echo # -- cgit v1.2.1