Commit 537ec1e6 authored by unknown's avatar unknown
Browse files

Post review fixes for BUG#16474: SP crashed MySQL. 


mysql-test/r/ps.result:
  Added test coverage for "order by" in prepared statements (related to BUG#16474).
mysql-test/r/sp.result:
  Added reference to test case for BUG#16474.
mysql-test/t/ps.test:
  Added test coverage for "order by" in prepared statements (related to BUG#16474).
mysql-test/t/sp.test:
  Added reference to test case for BUG#16474.
sql/sql_select.cc:
  Fixed comment and test for basic_const_item() instead of is_splocal().
parent fb36d923

mysql-test/r/ps.result

+46 −0
Original line number Diff line number Diff line
@@ -880,3 +880,49 @@ select row_count(); 
row_count()

1

drop table t1;

create table t1 (a int, b int);

insert into t1 (a,b) values (2,8),(1,9),(3,7);

prepare stmt from "select * from t1 order by ?";

execute stmt using @a;

a	b

2	8

1	9

3	7

set @a=1;

execute stmt using @a;

a	b

1	9

2	8

3	7

set @a=2;

execute stmt using @a;

a	b

3	7

2	8

1	9

deallocate prepare stmt;

select * from t1 order by 1;

a	b

1	9

2	8

3	7

prepare stmt from "select * from t1 order by ?+1";

set @a=0;

execute stmt using @a;

a	b

2	8

1	9

3	7

set @a=1;

execute stmt using @a;

a	b

2	8

1	9

3	7

deallocate prepare stmt;

select * from t1 order by 1+1;

a	b

2	8

1	9

3	7

drop table t1;

mysql-test/r/sp.result

+6 −0
Original line number Diff line number Diff line
@@ -4885,5 +4885,11 @@ b 
a

drop procedure bug16474_1|

drop procedure bug16474_2|

set @x = 2|

select * from t1 order by @x|

id	data

c	2

b	3

a	1

delete from t1|

drop table t1,t2;

mysql-test/t/ps.test

+34 −0
Original line number Diff line number Diff line
@@ -933,4 +933,38 @@ execute ins_call; 
select row_count();

drop table t1;



#

# BUG#16474: SP crashed MySQL

# (when using "order by localvar", where 'localvar' is just that.

# The actual bug test is in sp.test, this is just testing that we get the

# expected result for prepared statements too, i.e. place holders work as

# textual substitution. If it's a single integer, it works as the (deprecated)

# "order by column#", otherwise it's an expression.

#

create table t1 (a int, b int);

insert into t1 (a,b) values (2,8),(1,9),(3,7);



# Will order by index

prepare stmt from "select * from t1 order by ?";

execute stmt using @a;

set @a=1;

execute stmt using @a;

set @a=2;

execute stmt using @a;

deallocate prepare stmt;

# For reference:

select * from t1 order by 1;



# Will not order by index.

prepare stmt from "select * from t1 order by ?+1";

set @a=0;

execute stmt using @a;

set @a=1;

execute stmt using @a;

deallocate prepare stmt;

# For reference:

select * from t1 order by 1+1;



drop table t1;



# End of 5.0 tests

mysql-test/t/sp.test

+5 −0
Original line number Diff line number Diff line
@@ -5745,6 +5745,11 @@ call bug16474_2(1)| 
call bug16474_2(2)|

drop procedure bug16474_1|

drop procedure bug16474_2|



# For reference: user variables are expressions too and do not affect ordering.

set @x = 2|

select * from t1 order by @x|



delete from t1|

sql/sql_select.cc

+3 −2
Original line number Diff line number Diff line
@@ -12327,9 +12327,10 @@ find_order_in_list(THD *thd, Item **ref_pointer_array, TABLE_LIST *tables, 


  /*

    Local SP variables may be int but are expressions, not positions.

    (And they must be fixed.)

    (And they can't be used before fix_fields is called for them).

  */

  if (order_item->type() == Item::INT_ITEM && !order_item->is_splocal())

  //  if (order_item->type() == Item::INT_ITEM && !order_item->is_splocal())

  if (order_item->type() == Item::INT_ITEM && order_item->basic_const_item())

  {						/* Order by position */

    uint count= (uint) order_item->val_int();

    if (!count || count > fields.elements)