From 17fc288b3054514f139b32c89c62905d374968e4 Mon Sep 17 00:00:00 2001
From: Sergei Petrunia <psergey@askmonty.org>
Date: Fri, 21 Jul 2017 13:53:58 +0300
Subject: MDEV-13352: Server crashes in st_join_table::remove_duplicates

Do not run the window function computation step when the select
produces no rows (zero_result_cause!=NULL).
This may cause reads from uninitialized memory.

We still need to run the window function computation step when
the output includes just one row  (for example
SELECT MAX(col), RANK() OVER (...) FROM t1 WHERE 1=0).

This fix also resolves an issue with queries with window functions
producing an output row where should be none, like in
SELECT ROW_NUMBER() FROM t1 WHERE 1=0.

Updated a few test results in the existing tests to reflect this.
---
 sql/sql_select.cc | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'sql/sql_select.cc')

diff --git a/sql/sql_select.cc b/sql/sql_select.cc
index e8e399868db..90f5e11dd16 100644
--- a/sql/sql_select.cc
+++ b/sql/sql_select.cc
@@ -3398,8 +3398,14 @@ void JOIN::exec_inner()
 
   if (zero_result_cause)
   {
-    if (select_lex->have_window_funcs())
+    if (select_lex->have_window_funcs() && send_row_on_empty_set())
     {
+      /*
+        The query produces just one row but it has window functions.
+
+        The only way to compute the value of window function(s) is to
+        run the entire window function computation step (there is no shortcut).
+      */
       const_tables= table_count;
       first_select= sub_select_postjoin_aggr;
     }
-- 
cgit v1.2.1