Commit 95825fa2 authored by Knut Anders Hatlen's avatar Knut Anders Hatlen

Bug#21682356: STOP INJECTING DATA ITEMS IN AN ERROR MESSAGE

              GENERATED BY THE EXP() FUNCTION

When generating the error message for numeric overflow, pass a flag to
Item::print() that prevents it from expanding constant expressions and
parameters to the values they evaluate to.

For consistency, also pass the flag to Item::print() when
Item_func_spatial_collection::fix_length_and_dec() generates an error
message. It doesn't make any difference at the moment, since constant
expressions haven't been evaluated yet when this function is called.
parent 79032a7a
...@@ -632,9 +632,9 @@ ERROR 22003: BIGINT UNSIGNED value is out of range in '(18446744073709551615 DIV ...@@ -632,9 +632,9 @@ ERROR 22003: BIGINT UNSIGNED value is out of range in '(18446744073709551615 DIV
CREATE TABLE t1(a BIGINT, b BIGINT UNSIGNED); CREATE TABLE t1(a BIGINT, b BIGINT UNSIGNED);
INSERT INTO t1 VALUES(-9223372036854775808, 9223372036854775809); INSERT INTO t1 VALUES(-9223372036854775808, 9223372036854775809);
SELECT -a FROM t1; SELECT -a FROM t1;
ERROR 22003: BIGINT value is out of range in '-('-9223372036854775808')' ERROR 22003: BIGINT value is out of range in '-(`test`.`t1`.`a`)'
SELECT -b FROM t1; SELECT -b FROM t1;
ERROR 22003: BIGINT value is out of range in '-('9223372036854775809')' ERROR 22003: BIGINT value is out of range in '-(`test`.`t1`.`b`)'
DROP TABLE t1; DROP TABLE t1;
SET @a:=999999999999999999999999999999999999999999999999999999999999999999999999999999999; SET @a:=999999999999999999999999999999999999999999999999999999999999999999999999999999999;
SELECT @a + @a; SELECT @a + @a;
......
/* /*
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -3456,7 +3456,7 @@ Item_param::eq(const Item *arg, bool binary_cmp) const ...@@ -3456,7 +3456,7 @@ Item_param::eq(const Item *arg, bool binary_cmp) const
void Item_param::print(String *str, enum_query_type query_type) void Item_param::print(String *str, enum_query_type query_type)
{ {
if (state == NO_VALUE) if (state == NO_VALUE || query_type & QT_NO_DATA_EXPANSION)
{ {
str->append('?'); str->append('?');
} }
...@@ -6197,7 +6197,8 @@ Item *Item_field::update_value_transformer(uchar *select_arg) ...@@ -6197,7 +6197,8 @@ Item *Item_field::update_value_transformer(uchar *select_arg)
void Item_field::print(String *str, enum_query_type query_type) void Item_field::print(String *str, enum_query_type query_type)
{ {
if (field && field->table->const_table) if (field && field->table->const_table &&
!(query_type & QT_NO_DATA_EXPANSION))
{ {
char buff[MAX_FIELD_WIDTH]; char buff[MAX_FIELD_WIDTH];
String tmp(buff,sizeof(buff),str->charset()); String tmp(buff,sizeof(buff),str->charset());
......
#ifndef ITEM_FUNC_INCLUDED #ifndef ITEM_FUNC_INCLUDED
#define ITEM_FUNC_INCLUDED #define ITEM_FUNC_INCLUDED
/* Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. /* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -217,7 +217,7 @@ class Item_func :public Item_result_field ...@@ -217,7 +217,7 @@ class Item_func :public Item_result_field
char buf[256]; char buf[256];
String str(buf, sizeof(buf), system_charset_info); String str(buf, sizeof(buf), system_charset_info);
str.length(0); str.length(0);
print(&str, QT_ORDINARY); print(&str, QT_NO_DATA_EXPANSION);
my_error(ER_DATA_OUT_OF_RANGE, MYF(0), type_name, str.c_ptr_safe()); my_error(ER_DATA_OUT_OF_RANGE, MYF(0), type_name, str.c_ptr_safe());
} }
inline double raise_float_overflow() inline double raise_float_overflow()
......
#ifndef ITEM_GEOFUNC_INCLUDED #ifndef ITEM_GEOFUNC_INCLUDED
#define ITEM_GEOFUNC_INCLUDED #define ITEM_GEOFUNC_INCLUDED
/* Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. /* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -187,7 +187,7 @@ class Item_func_spatial_collection: public Item_geometry_func ...@@ -187,7 +187,7 @@ class Item_func_spatial_collection: public Item_geometry_func
if (args[i]->fixed && args[i]->field_type() != MYSQL_TYPE_GEOMETRY) if (args[i]->fixed && args[i]->field_type() != MYSQL_TYPE_GEOMETRY)
{ {
String str; String str;
args[i]->print(&str, QT_ORDINARY); args[i]->print(&str, QT_NO_DATA_EXPANSION);
str.append('\0'); str.append('\0');
my_error(ER_ILLEGAL_VALUE_FOR_TYPE, MYF(0), "non geometric", my_error(ER_ILLEGAL_VALUE_FOR_TYPE, MYF(0), "non geometric",
str.ptr()); str.ptr());
......
/* Copyright (c) 2006, 2015, Oracle and/or its affiliates. All rights reserved. /* Copyright (c) 2006, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -431,7 +431,13 @@ enum enum_query_type ...@@ -431,7 +431,13 @@ enum enum_query_type
/// In utf8. /// In utf8.
QT_TO_SYSTEM_CHARSET= (1 << 0), QT_TO_SYSTEM_CHARSET= (1 << 0),
/// Without character set introducers. /// Without character set introducers.
QT_WITHOUT_INTRODUCERS= (1 << 1) QT_WITHOUT_INTRODUCERS= (1 << 1),
/**
If an expression is constant, print the expression, not the value
it evaluates to. Should be used for error messages, so that they
don't reveal values.
*/
QT_NO_DATA_EXPANSION= (1 << 9),
}; };
/* query_id */ /* query_id */
......
/* Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. /* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -17427,26 +17427,46 @@ static void print_join(THD *thd, ...@@ -17427,26 +17427,46 @@ static void print_join(THD *thd,
/* List is reversed => we should reverse it before using */ /* List is reversed => we should reverse it before using */
List_iterator_fast<TABLE_LIST> ti(*tables); List_iterator_fast<TABLE_LIST> ti(*tables);
TABLE_LIST **table; TABLE_LIST **table;
uint non_const_tables= 0;
/*
If the QT_NO_DATA_EXPANSION flag is specified, we print the
original table list, including constant tables that have been
optimized away, as the constant tables may be referenced in the
expression printed by Item_field::print() when this flag is given.
Otherwise, only non-const tables are printed.
Example:
Original SQL:
select * from (select 1) t
Printed without QT_NO_DATA_EXPANSION:
select '1' AS `1` from dual
Printed with QT_NO_DATA_EXPANSION:
select `t`.`1` from (select 1 AS `1`) `t`
*/
const bool print_const_tables= (query_type & QT_NO_DATA_EXPANSION);
size_t tables_to_print= 0;
for (TABLE_LIST *t= ti++; t ; t= ti++) for (TABLE_LIST *t= ti++; t ; t= ti++)
if (!t->optimized_away) if (print_const_tables || !t->optimized_away)
non_const_tables++; tables_to_print++;
if (!non_const_tables) if (tables_to_print == 0)
{ {
str->append(STRING_WITH_LEN("dual")); str->append(STRING_WITH_LEN("dual"));
return; // all tables were optimized away return; // all tables were optimized away
} }
ti.rewind(); ti.rewind();
if (!(table= (TABLE_LIST **)thd->alloc(sizeof(TABLE_LIST*) * if (!(table= static_cast<TABLE_LIST **>(thd->alloc(sizeof(TABLE_LIST*) *
non_const_tables))) tables_to_print))))
return; // out of memory return; // out of memory
TABLE_LIST *tmp, **t= table + (non_const_tables - 1); TABLE_LIST *tmp, **t= table + (tables_to_print - 1);
while ((tmp= ti++)) while ((tmp= ti++))
{ {
if (tmp->optimized_away) if (tmp->optimized_away && !print_const_tables)
continue; continue;
*t--= tmp; *t--= tmp;
} }
...@@ -17454,7 +17474,7 @@ static void print_join(THD *thd, ...@@ -17454,7 +17474,7 @@ static void print_join(THD *thd,
DBUG_ASSERT(tables->elements >= 1); DBUG_ASSERT(tables->elements >= 1);
(*table)->print(thd, str, query_type); (*table)->print(thd, str, query_type);
TABLE_LIST **end= table + non_const_tables; TABLE_LIST **end= table + tables_to_print;
for (TABLE_LIST **tbl= table + 1; tbl < end; tbl++) for (TABLE_LIST **tbl= table + 1; tbl < end; tbl++)
{ {
TABLE_LIST *curr= *tbl; TABLE_LIST *curr= *tbl;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment