Commit 1b7f67d6 authored by monty@mysql.com's avatar monty@mysql.com

Fixed memory overrun bug in DELETE ... ORDER BY

parent c4977323
......@@ -537,7 +537,7 @@ int mysql_insert(THD *thd,TABLE_LIST *table,List<Item> &fields,
List<List_item> &values, List<Item> &update_fields,
List<Item> &update_values, enum_duplicates flag);
void kill_delayed_threads(void);
int mysql_delete(THD *thd, TABLE_LIST *table, COND *conds, ORDER *order,
int mysql_delete(THD *thd, TABLE_LIST *table, COND *conds, SQL_LIST *order,
ha_rows rows, ulong options);
int mysql_truncate(THD *thd, TABLE_LIST *table_list, bool dont_send_ok=0);
TABLE *open_ltable(THD *thd, TABLE_LIST *table_list, thr_lock_type update);
......
......@@ -27,7 +27,7 @@
#include "ha_innodb.h"
#include "sql_select.h"
int mysql_delete(THD *thd, TABLE_LIST *table_list, COND *conds, ORDER *order,
int mysql_delete(THD *thd, TABLE_LIST *table_list, COND *conds, SQL_LIST *order,
ha_rows limit, ulong options)
{
int error;
......@@ -116,7 +116,7 @@ int mysql_delete(THD *thd, TABLE_LIST *table_list, COND *conds, ORDER *order,
if (options & OPTION_QUICK)
(void) table->file->extra(HA_EXTRA_QUICK);
if (order)
if (order && order->elements)
{
uint length;
SORT_FIELD *sortorder;
......@@ -130,10 +130,10 @@ int mysql_delete(THD *thd, TABLE_LIST *table_list, COND *conds, ORDER *order,
table->sort.io_cache = (IO_CACHE *) my_malloc(sizeof(IO_CACHE),
MYF(MY_FAE | MY_ZEROFILL));
if (thd->lex.select_lex.setup_ref_array(thd, 0) ||
if (thd->lex.select_lex.setup_ref_array(thd, order->elements) ||
setup_order(thd, thd->lex.select_lex.ref_pointer_array, &tables,
fields, all_fields, order) ||
!(sortorder=make_unireg_sortorder(order, &length)) ||
fields, all_fields, (ORDER*) order->first) ||
!(sortorder=make_unireg_sortorder((ORDER*) order->first, &length)) ||
(table->sort.found_records = filesort(thd, table, sortorder, length,
select, HA_POS_ERROR,
&examined_rows))
......@@ -613,7 +613,7 @@ int mysql_truncate(THD *thd, TABLE_LIST *table_list, bool dont_send_ok)
{
/* Probably InnoDB table */
table_list->lock_type= TL_WRITE;
DBUG_RETURN(mysql_delete(thd, table_list, (COND*) 0, (ORDER*) 0,
DBUG_RETURN(mysql_delete(thd, table_list, (COND*) 0, (SQL_LIST*) 0,
HA_POS_ERROR, 0));
}
if (lock_and_wait_for_table_name(thd, table_list))
......
......@@ -2626,7 +2626,7 @@ mysql_execute_command(THD *thd)
// Set privilege for the WHERE clause
tables->grant.want_privilege=(SELECT_ACL & ~tables->grant.privilege);
res = mysql_delete(thd,tables, select_lex->where,
(ORDER*) select_lex->order_list.first,
&select_lex->order_list,
select_lex->select_limit, select_lex->options);
if (thd->net.report_error)
res= -1;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment