Commit 61e0a2a8 authored by unknown's avatar unknown

Fix for BUG#3567: Disallow several SQL statements inside a Prepared Statement.

parent d82d4cbe
......@@ -882,10 +882,12 @@ int yylex(void *arg, void *yythd)
case MY_LEX_COLON: // optional line terminator
if (yyPeek())
{
if (((THD *)yythd)->client_capabilities & CLIENT_MULTI_STATEMENTS)
THD* thd= (THD*)yythd;
if ((thd->client_capabilities & CLIENT_MULTI_STATEMENTS) &&
(thd->command != COM_PREPARE))
{
lex->found_colon=(char*)lex->ptr;
((THD *)yythd)->server_status |= SERVER_MORE_RESULTS_EXISTS;
thd->server_status |= SERVER_MORE_RESULTS_EXISTS;
lex->next_state=MY_LEX_END;
return(END_OF_INPUT);
}
......
......@@ -4940,6 +4940,34 @@ DROP TABLE IF EXISTS test_multi_tab";
mysql_close(mysql_local);
}
/********************************************************
* Check that Prepared statement cannot contain several *
* SQL statements *
*********************************************************/
static void test_prepare_multi_statements()
{
MYSQL *mysql_local;
MYSQL_STMT *stmt;
myheader("test_prepare_multi_statements");
if (!(mysql_local = mysql_init(NULL)))
{
fprintf(stdout,"\n mysql_init() failed");
exit(1);
}
if (!(mysql_real_connect(mysql_local,opt_host,opt_user,
opt_password, current_db, opt_port,
opt_unix_socket, CLIENT_MULTI_STATEMENTS)))
{
fprintf(stdout,"\n connection failed(%s)", mysql_error(mysql_local));
exit(1);
}
strmov(query, "select 1; select 'another value'");
stmt = mysql_simple_prepare(mysql_local,query);
mystmt_init_r(stmt);
mysql_close(mysql_local);
}
/********************************************************
* to test simple bind store result *
......@@ -9210,6 +9238,8 @@ int main(int argc, char **argv)
test_prepare_field_result(); /* prepare meta info */
test_multi_stmt(); /* multi stmt test */
test_multi_statements();/* test multi statement execution */
test_prepare_multi_statements(); /* check that multi statements are
disabled in PS */
test_store_result(); /* test the store_result */
test_store_result1(); /* test store result without buffers */
test_store_result2(); /* test store result for misc case */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment