Commit 3335f68d authored by unknown's avatar unknown

Bug #27164: not resetting the data pointer

 to 0 causes a wrong (large) length to be read
 from the row in _mi_calc_blob_length() when 
 storing NULL values in (e.g.) POINT columns.
 This large length is then used to allocate
 a block of memory that (on some OSes) causes
 trouble.
 Fixed by calling the base class's 
 Field_blob::reset() from Field_geom::reset(),
 which is called when storing a NULL value into
 the column.


mysql-test/r/gis.result:
  Bug #27164: test case
mysql-test/t/gis.test:
  Bug #27164: test case
sql/field.h:
  Bug #27164: not reseting the data pointer
   to 0 causes wrong (large) length to be read
   from the row in _mi_calc_blob_length() when 
   storing NULL values in (e.g) POINT columns.
   This large length is then used to allocate
   a block of memory that (on some OSes) causes
   trouble.
parent 55f991c2
+6 −0
@@ -718,4 +718,10 @@ point(b, b) IS NULL linestring(b) IS NULL polygon(b) IS NULL multipoint(b) IS NU
1	1	1	1	1	1	1
0	1	1	1	1	1	1
drop table t1;
CREATE TABLE t1(a POINT) ENGINE=MyISAM;
INSERT INTO t1 VALUES (NULL);
SELECT * FROM t1;
a
NULL
DROP TABLE t1;
End of 4.1 tests
+8 −0
@@ -411,4 +411,12 @@ from t1;

drop table t1;

#
# Bug #27164: Crash when mixing InnoDB and MyISAM Geospatial tables
#
CREATE TABLE t1(a POINT) ENGINE=MyISAM;
INSERT INTO t1 VALUES (NULL);
SELECT * FROM t1;
DROP TABLE t1;

--echo End of 4.1 tests
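Review bot: The comment header on the new test says "Crash when mixing InnoDB and MyISAM Geospatial tables", but the statements create only a MyISAM table, and the commit message describes a stale blob length read when NULL is stored in a POINT column. The header should describe that, e.g. `# Bug #27164: storing NULL in a MyISAM POINT column read a stale blob length`. The test also covers only a nullable column, so the `!maybe_null()` side of `Field_geom::reset()` is never exercised; a second table with a `POINT NOT NULL` column would cover it.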
+1 −1
@@ -1115,7 +1115,7 @@ class Field_geom :public Field_blob {
  int  store(const char *to, uint length, CHARSET_INFO *charset);
  int  store(double nr) { return 1; }
  int  store(longlong nr) { return 1; }
  int  reset(void) { return !maybe_null(); }
  int  reset(void) { return !maybe_null() || Field_blob::reset(); }

  void get_key_image(char *buff,uint length, CHARSET_INFO *cs,imagetype type);
  void set_key_image(char *buff,uint length, CHARSET_INFO *cs);
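Review bot: The new `reset()` short-circuits: when `maybe_null()` is false, `!maybe_null()` is already true and `Field_blob::reset()` is never called, so the blob pointer and length stay stale in exactly the case where the method reports failure. If any caller goes on to write the row after a non-zero return (not visible here), `_mi_calc_blob_length()` would read the same oversized length the commit describes. Calling the base class first removes that dependency on the caller: `int  reset(void) { return Field_blob::reset() || !maybe_null(); }`, assuming `Field_blob::reset()` returns 0 on success, since its definition is outside this hunk. A short comment would also help, e.g. `/* always clear the blob pointer/length; NULL is only accepted for nullable columns */`. The class body starts and ends outside the hunk.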