From 7bf304a6bd85c6fdfdf2c6ff8c4a7a2d0ce3c681 Mon Sep 17 00:00:00 2001
From: unknown <gkodinov/kgeorge@magare.gmz>
Date: Tue, 3 Apr 2007 18:00:57 +0300
Subject: [PATCH] Bug #27513: test case added to make sure this crash bug doesn't reappear. mysql-test/r/errors.result: Bug #27513: test case mysql-test/t/errors.test: Bug #27513: test case
---
 mysql-test/r/errors.result | 18 ++++++++++++++++++
 mysql-test/t/errors.test | 11 +++++++++++
 2 files changed, 29 insertions(+)
diff --git a/mysql-test/r/errors.result b/mysql-test/r/errors.result
index 0c84f24a2e..0b12853ab8 100644
--- a/mysql-test/r/errors.result
+++ b/mysql-test/r/errors.result
@@ -28,3 +28,21 @@ ERROR 42000: Display width out of range for column 'a' (max = 255)
 set sql_mode='traditional';
 create table t1 (a varchar(66000));
 ERROR 42000: Column length too big for column 'a' (max = 65535); use BLOB or TEXT instead
+CREATE TABLE t1 (a INT);
+SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0)));
+a
+Warnings:
+Error 1365 Division by 0
+INSERT INTO t1 VALUES(1);
+SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0)));
+a
+1
+Warnings:
+Error 1365 Division by 0
+INSERT INTO t1 VALUES(2),(3);
+SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0)));
+a
+1
+Warnings:
+Error 1365 Division by 0
+DROP TABLE t1;
diff --git a/mysql-test/t/errors.test b/mysql-test/t/errors.test
index f5647a293e..6ddef2a8c0 100644
--- a/mysql-test/t/errors.test
+++ b/mysql-test/t/errors.test
@@ -41,4 +41,15 @@ set sql_mode='traditional';
 --error 1074
 create table t1 (a varchar(66000));
 
+#
+# Bug #27513: mysql 5.0.x + NULL pointer DoS
+#
+CREATE TABLE t1 (a INT);
+SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0)));
+INSERT INTO t1 VALUES(1);
+SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0)));
+INSERT INTO t1 VALUES(2),(3);
+SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0)));
+DROP TABLE t1;
+
 # End of 5.0 tests
--
2.30.9
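Review bot: The new block in mysql-test/t/errors.test runs under whatever sql_mode the preceding case left behind: the hunk heading shows `set sql_mode='traditional';` just above, and nothing resets or restates it before `CREATE TABLE t1 (a INT);`. The `Error 1365 Division by 0` warnings recorded in mysql-test/r/errors.result presumably depend on that mode, so editing or reordering the earlier case would change the expected output and could stop this regression test from exercising the path that crashed. Make the dependency explicit by opening the block with `SET sql_mode='traditional';` and a comment such as `# IN list holds a scalar subquery that evaluates to NULL after a division-by-zero error`, and restore the session with `SET sql_mode=default;` after `DROP TABLE t1;`.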