From ea270178b09bb1e2e1131957e95f36cd1f611b22 Mon Sep 17 00:00:00 2001 From: Igor Babaev Date: Thu, 19 Jan 2023 21:43:29 +0100 Subject: MDEV-30052 Crash with a query containing nested WINDOW clauses Use SELECT_LEX to save lists for ORDER BY and GROUP BY before parsing WINDOW clauses / specifications. This is needed for proper parsing of a nested WINDOW clause when a WINDOW clause is used in a subquery contained in another WINDOW clause. Fix assignment of empty SQL_I_List to another one (in case of empty list next shoud point on first). --- sql/sql_lex.h | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'sql/sql_lex.h') diff --git a/sql/sql_lex.h b/sql/sql_lex.h index bdc8b5476b2..febe4cf459e 100644 --- a/sql/sql_lex.h +++ b/sql/sql_lex.h @@ -975,6 +975,7 @@ public: group_list_ptrs, and re-establish the original list before each execution. */ SQL_I_List group_list; + SQL_I_List save_group_list; Group_list_ptrs *group_list_ptrs; List item_list; /* list of fields & expressions */ @@ -1040,6 +1041,7 @@ public: const char *type; /* type of select for EXPLAIN */ SQL_I_List order_list; /* ORDER clause */ + SQL_I_List save_order_list; SQL_I_List gorder_list; Item *select_limit, *offset_limit; /* LIMIT clause parameters */ @@ -1249,9 +1251,7 @@ public: void set_lock_for_tables(thr_lock_type lock_type, bool for_update); inline void init_order() { - order_list.elements= 0; - order_list.first= 0; - order_list.next= &order_list.first; + order_list.empty(); } /* This method created for reiniting LEX in mysql_admin_table() and can be @@ -3215,8 +3215,6 @@ public: } - SQL_I_List save_group_list; - SQL_I_List save_order_list; LEX_CSTRING *win_ref; Window_frame *win_frame; Window_frame_bound *frame_top_bound; -- cgit v1.2.1 From 074bef4dcaad15dba40013e9d2ddf0011b7744a1 Mon Sep 17 00:00:00 2001 From: Igor Babaev Date: Sat, 21 Jan 2023 00:09:58 -0800 Subject: MDEV-30248 Infinite sequence of recursive calls when processing embedded CTE This patch fixes the patch for bug MDEV-30248 that unsatisfactorily resolved the problem of resolution of references to CTE. In some cases when such a reference has the same table name as the name of one of CTEs containing this reference the reference could be resolved incorrectly that led to an invalid select tree where units could be mutually dependent. This in its turn could lead to an infinite sequence of recursive calls or to falls into infinite loops. The patch also removes LEX::resolve_references_to_cte_in_hanging_cte() as with the new code for resolution of CTE references the call of this function is not needed anymore. Approved by Oleksandr Byelkin --- sql/sql_lex.h | 1 - 1 file changed, 1 deletion(-) (limited to 'sql/sql_lex.h') diff --git a/sql/sql_lex.h b/sql/sql_lex.h index febe4cf459e..064d0de8905 100644 --- a/sql/sql_lex.h +++ b/sql/sql_lex.h @@ -4051,7 +4051,6 @@ public: } bool check_dependencies_in_with_clauses(); - bool resolve_references_to_cte_in_hanging_cte(); bool check_cte_dependencies_and_resolve_references(); bool resolve_references_to_cte(TABLE_LIST *tables, TABLE_LIST **tables_last); -- cgit v1.2.1