Post-review fix.

c865f491 · pem@mysql.com · ca5e435f · c865f491
Commit c865f491 authored Oct 21, 2005 by pem@mysql.com
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 3 deletions

sql/sp_head.cc sql/sp_head.cc +4 -3

No files found.
--- a/sql/sp_head.cc
+++ b/sql/sp_head.cc
@@ -295,7 +295,7 @@ sp_eval_func_item(THD *thd, Item **it_addr, enum enum_field_types type,

    /*
      For some functions, 's' is now pointing to an argument of the
-      function, which might be a local variable that it to be reused.
+      function, which might be a local variable that is to be reused.
      In this case, new(reuse, &rsize) below will call the destructor
      and 's' ends up pointing to freed memory.
      A somewhat ugly fix is to simply copy the string to our local one
@@ -304,7 +304,8 @@ sp_eval_func_item(THD *thd, Item **it_addr, enum enum_field_types type,
     */
    if (reuse && s != &tmp && s != &it->str_value)
    {
-      tmp.copy(s->c_ptr(), s->length(), it->collation.collation);
+      if (tmp.copy((const String)(*s)))
+        DBUG_RETURN(NULL);
      s= &tmp;
    }

@@ -338,7 +339,7 @@ sp_eval_func_item(THD *thd, Item **it_addr, enum enum_field_types type,

 return_null_item:
  CREATE_ON_CALLERS_ARENA(it= new(reuse, &rsize) Item_null(),
-                    use_callers_arena, &backup_arena);
+                          use_callers_arena, &backup_arena);
 end:
  it->rsize= rsize;