From 7bf304a6bd85c6fdfdf2c6ff8c4a7a2d0ce3c681 Mon Sep 17 00:00:00 2001
From: unknown <gkodinov/kgeorge@magare.gmz>
Date: Tue, 3 Apr 2007 18:00:57 +0300
Subject: [PATCH] Bug #27513: test case added to make sure this crash bug
 doesn't reappear.

mysql-test/r/errors.result:
  Bug #27513: test case
mysql-test/t/errors.test:
  Bug #27513: test case
---
 mysql-test/r/errors.result | 18 ++++++++++++++++++
 mysql-test/t/errors.test   | 11 +++++++++++
 2 files changed, 29 insertions(+)

diff --git a/mysql-test/r/errors.result b/mysql-test/r/errors.result
index 0c84f24a2e..0b12853ab8 100644
--- a/mysql-test/r/errors.result
+++ b/mysql-test/r/errors.result
@@ -28,3 +28,21 @@ ERROR 42000: Display width out of range for column 'a' (max = 255)
 set sql_mode='traditional';
 create table t1 (a varchar(66000));
 ERROR 42000: Column length too big for column 'a' (max = 65535); use BLOB or TEXT instead
+CREATE TABLE t1 (a INT);
+SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0)));
+a
+Warnings:
+Error	1365	Division by 0
+INSERT INTO t1 VALUES(1);
+SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0)));
+a
+1
+Warnings:
+Error	1365	Division by 0
+INSERT INTO t1 VALUES(2),(3);
+SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0)));
+a
+1
+Warnings:
+Error	1365	Division by 0
+DROP TABLE t1;
diff --git a/mysql-test/t/errors.test b/mysql-test/t/errors.test
index f5647a293e..6ddef2a8c0 100644
--- a/mysql-test/t/errors.test
+++ b/mysql-test/t/errors.test
@@ -41,4 +41,15 @@ set sql_mode='traditional';
 --error 1074
 create table t1 (a varchar(66000));
 
+#
+# Bug #27513: mysql 5.0.x + NULL pointer DoS
+#
+CREATE TABLE t1 (a INT);
+SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0)));
+INSERT INTO t1 VALUES(1);
+SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0)));
+INSERT INTO t1 VALUES(2),(3);
+SELECT a FROM t1 WHERE a IN(1, (SELECT IF(1=0,1,2/0)));
+DROP TABLE t1;
+
 # End of 5.0 tests
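Review bot: The added block relies on `sql_mode='traditional'` left over from the previous test case, which appears here only as hunk context, and the new lines do not state that dependency. The recorded `Error 1365 Division by 0` warnings in errors.result suggest the strict division-by-zero error raised inside the `IN` subquery is what the regression case needs. If the earlier case is moved or the mode is reset, the expected output changes and the crash path is probably no longer exercised. I would make the block self-contained with `SET sql_mode='traditional';` before `CREATE TABLE t1 (a INT);` and `SET sql_mode=DEFAULT;` after `DROP TABLE t1;`. The header comment could also name the trigger, which I infer from the title and the query, for example `# A division-by-zero error raised in a subquery inside IN() used to crash the server (NULL pointer)`.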
-- 
2.30.9