    Bug #42037: Queries containing a subquery with DISTINCT and
                ORDER BY could cause a server crash · 31f74831
    Gleb Shchepa authored
    
    Dependent subqueries like
    
      SELECT COUNT(*) FROM t1, t2 WHERE t2.b
       IN (SELECT DISTINCT t2.b FROM t2 WHERE t2.b = t1.a)
    
    caused a memory leak proportional to the
    number of outer rows.
    
    
    The make_simple_join() function has been modified to be a
    JOIN class method to store join_tab_reexec and
    table_reexec values in the parent join only
    (make_simple_join of tmp_join may access these values
    via 'this' pointer of the parent JOIN).
    
    NOTE: this patch doesn't include a standard test case (this is
    an "out of memory" bug). See the bug #42037 page for test cases.
    
    
    sql/sql_select.cc:
      Bug #42037: Queries containing a subquery with DISTINCT and
                  ORDER BY could cause a server crash
      
      The make_simple_join() function has been modified to be a
      JOIN class method to store join_tab_reexec and
      table_reexec values in the parent join only.
    sql/sql_select.h:
      Bug #42037: Queries containing a subquery with DISTINCT and
                  ORDER BY could cause a server crash
      
      1. The make_simple_join() function has been modified to be a
         JOIN class method.
      
      2. Type of JOIN::table_reexec field has been changed from
         TABLE** to TABLE *table_reexec[1]: this field always was
         NULL or a pointer to one-element array of pointers, so
         a pointer to a pointer has been replaced with one pointer
         and unnecessary memory allocation has been eliminated.
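The leak pattern the commit message describes, as an added model that is not code from this commit or from the MySQL source: a dependent subquery is re-executed once per outer row, and helper objects taken from a statement-lifetime allocator on every re-execution accumulate until the statement ends. `Arena`, `Table`, `JoinTab`, `JoinBefore`, `JoinAfter` and `arena_bytes_after` are hypothetical stand-ins, and the allocate-once reuse in `JoinAfter` is an assumption about the effect of keeping the values in the parent join.

```cpp
#include <cstddef>
#include <memory>
#include <vector>

// Hypothetical statement-lifetime arena: nothing is released until the
// whole statement finishes, so repeated allocations only accumulate.
struct Arena {
    std::vector<std::unique_ptr<char[]>> blocks;
    std::size_t bytes = 0;
    void *alloc(std::size_t n) {
        blocks.emplace_back(new char[n]);
        bytes += n;
        return blocks.back().get();
    }
};
struct Table {};                    // placeholder for TABLE
struct JoinTab { Table *table; };   // placeholder for JOIN_TAB

// "Before" model: each re-execution allocates a fresh one-element
// pointer array and a fresh JoinTab from the arena.
struct JoinBefore {
    Table **table_reexec = nullptr;
    JoinTab *join_tab_reexec = nullptr;
    void make_simple_join(Arena &a, Table *tmp) {
        table_reexec = static_cast<Table **>(a.alloc(sizeof(Table *)));
        join_tab_reexec = static_cast<JoinTab *>(a.alloc(sizeof(JoinTab)));
        table_reexec[0] = tmp;
        join_tab_reexec->table = tmp;
    }
};

// "After" model: the one-element array is embedded in the object
// (TABLE *table_reexec[1]) and the JoinTab is allocated once and reused.
struct JoinAfter {
    Table *table_reexec[1] = {nullptr};
    JoinTab *join_tab_reexec = nullptr;
    void make_simple_join(Arena &a, Table *tmp) {
        if (!join_tab_reexec)       // assumption: allocate on first use only
            join_tab_reexec = static_cast<JoinTab *>(a.alloc(sizeof(JoinTab)));
        table_reexec[0] = tmp;
        join_tab_reexec->table = tmp;
    }
};

// Re-execute the subquery once per outer row; report arena growth.
template <class Join>
std::size_t arena_bytes_after(std::size_t outer_rows) {
    Arena arena; Join join; Table tmp;
    for (std::size_t i = 0; i < outer_rows; ++i)
        join.make_simple_join(arena, &tmp);
    return arena.bytes;
}
```

In this model the "before" arena grows linearly with the number of outer rows, while the "after" arena stays at one `JoinTab` however many rows drive the subquery.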