Commit 7b327a58 authored by Davi Arnaut's avatar Davi Arnaut

Merge mysql-5.0-bugteam into mysql-5.1-bugteam.

parents 459b8b3d 4ab10baa
......@@ -111,3 +111,6 @@ set @a=-14632475938453979136;
execute s using @a, @a;
ERROR HY000: Incorrect arguments to EXECUTE
End of 5.0 tests
select 1 as a limit 4294967296,10;
a
End of 5.1 tests
......@@ -6846,6 +6846,19 @@ select substr(`str`, `pos`+ 1 ) into `str`;
end $
call `p2`('s s s s s s');
drop procedure `p2`;
drop table if exists t1;
drop procedure if exists p1;
create procedure p1() begin select * from t1; end$
call p1$
ERROR 42S02: Table 'test.t1' doesn't exist
create table t1 (a integer)$
call p1$
a
alter table t1 add b integer;
call p1$
a
drop table t1;
drop procedure p1;
# ------------------------------------------------------------------
# -- End of 5.0 tests
# ------------------------------------------------------------------
......
......@@ -95,3 +95,11 @@ set @a=-14632475938453979136;
execute s using @a, @a;
--echo End of 5.0 tests
#
# Bug#37075: offset of limit clause might be truncated to 0 on 32-bits server w/o big tables
#
select 1 as a limit 4294967296,10;
--echo End of 5.1 tests
......@@ -8041,6 +8041,28 @@ delimiter ;$
call `p2`('s s s s s s');
drop procedure `p2`;
#
# Bug#38823: Invalid memory access when a SP statement does wildcard expansion
#
--disable_warnings
drop table if exists t1;
drop procedure if exists p1;
--enable_warnings
delimiter $;
create procedure p1() begin select * from t1; end$
--error ER_NO_SUCH_TABLE
call p1$
create table t1 (a integer)$
call p1$
alter table t1 add b integer;
call p1$
delimiter ;$
drop table t1;
drop procedure p1;
--echo # ------------------------------------------------------------------
--echo # -- End of 5.0 tests
--echo # ------------------------------------------------------------------
......
......@@ -1805,7 +1805,8 @@ Item_field::Item_field(THD *thd, Name_resolution_context *context_arg,
be allocated in the statement memory, not in table memory (the table
structure can go away and pop up again between subsequent executions
of a prepared statement or after the close_tables_for_reopen() call
in mysql_multi_update_prepare()).
in mysql_multi_update_prepare() or due to wildcard expansion in stored
procedures).
*/
{
if (db_name)
......
......@@ -2397,15 +2397,20 @@ void st_select_lex_unit::set_limit(st_select_lex *sl)
val= sl->select_limit ? sl->select_limit->val_uint() : HA_POS_ERROR;
select_limit_val= (ha_rows)val;
#ifndef BIG_TABLES
/*
/*
Check for overflow : ha_rows can be smaller then ulonglong if
BIG_TABLES is off.
*/
if (val != (ulonglong)select_limit_val)
select_limit_val= HA_POS_ERROR;
#endif
offset_limit_cnt= (ha_rows)(sl->offset_limit ? sl->offset_limit->val_uint() :
ULL(0));
val= sl->offset_limit ? sl->offset_limit->val_uint() : ULL(0);
offset_limit_cnt= (ha_rows)val;
#ifndef BIG_TABLES
/* Check for truncation. */
if (val != (ulonglong)offset_limit_cnt)
offset_limit_cnt= HA_POS_ERROR;
#endif
select_limit_cnt= select_limit_val + offset_limit_cnt;
if (select_limit_cnt < select_limit_val)
select_limit_cnt= HA_POS_ERROR; // no limit
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment