From c632a76e0adf47460c06a52a9f1637080e97e8d3 Mon Sep 17 00:00:00 2001 From: Sergey Glukhov Date: Mon, 13 Dec 2010 13:39:26 +0300 Subject: Bug#58396 group_concat and explain extended are still crashy Explain fails at fix_fields stage and some items are left unfixed, particulary Item_group_concat. Item_group_concat::orig_args field is uninitialized in this case and Item_group_concat::print call leads to crash. The fix: move the initialization of Item_group_concat::orig_args into constructor. mysql-test/r/func_gconcat.result: test case mysql-test/t/func_gconcat.test: test case sql/item_sum.cc: move the initialization of Item_group_concat::orig_args into constructor. --- sql/item_sum.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sql') diff --git a/sql/item_sum.cc b/sql/item_sum.cc index 65f8222d38b..a60a6b3ef95 100644 --- a/sql/item_sum.cc +++ b/sql/item_sum.cc @@ -3003,6 +3003,7 @@ Item_func_group_concat(Name_resolution_context *context_arg, order_item->item= arg_ptr++; } } + memcpy(orig_args, args, sizeof(Item*) * arg_count); } @@ -3233,7 +3234,6 @@ Item_func_group_concat::fix_fields(THD *thd, Item **ref) if (check_sum_func(thd, ref)) return TRUE; - memcpy (orig_args, args, sizeof (Item *) * arg_count); fixed= 1; return FALSE; } -- cgit v1.2.1