Commit 61718995 authored by unknown's avatar unknown
Browse files

Bug#21913: DATE_FORMAT() Crashes mysql server if I use it through mysql-connector-j driver. 

Variable character_set_results can legally be NULL (for "no conversion.")
This could result in a NULL deref that crashed the server.  Fixed.

(Although ran some additional precursory tests to see whether I could break
anything else, but no breakage so far.)


mysql-test/r/func_time.result:
  Bug#21913: DATE_FORMAT() Crashes mysql server if I use it through mysql-connector-j driver.
  
  Prove DATE_FORMAT() no longer crashes the server when character_set_results is
  NULL (which is a legal value and means, "no conversion").
mysql-test/t/func_time.test:
  Bug#21913: DATE_FORMAT() Crashes mysql server if I use it through mysql-connector-j driver.
  
  Prove DATE_FORMAT() no longer crashes the server when character_set_results is
  NULL (which is a legal value and means, "no conversion").
sql/sql_string.cc:
  Bug#21913: DATE_FORMAT() Crashes mysql server if I use it through mysql-connector-j driver.
  
  Avoid NULL deref in my_charset_same() -- if !to_cs, we won't need to compare
  because it is magic for, "no conversion."
parent 76f65b3f

mysql-test/r/func_time.result

+12 −0
Original line number Diff line number Diff line
@@ -688,3 +688,15 @@ t1 CREATE TABLE `t1` ( 
  `from_unixtime(1) + 0` double(23,6) default NULL

) ENGINE=MyISAM DEFAULT CHARSET=latin1

drop table t1;

SET NAMES latin1;

SET character_set_results = NULL;

SHOW VARIABLES LIKE 'character_set_results';

Variable_name	Value

character_set_results	

CREATE TABLE testBug8868 (field1 DATE, field2 VARCHAR(32) CHARACTER SET BINARY);

INSERT INTO testBug8868 VALUES ('2006-09-04', 'abcd');

SELECT DATE_FORMAT(field1,'%b-%e %l:%i%p') as fmtddate, field2 FROM testBug8868;

fmtddate	field2

Sep-4 12:00AM	abcd

DROP TABLE testBug8868;

SET NAMES DEFAULT;

mysql-test/t/func_time.test

+18 −0
Original line number Diff line number Diff line
@@ -358,4 +358,22 @@ create table t1 select now() - now(), curtime() - curtime(), 
show create table t1;

drop table t1;



#

# 21913: DATE_FORMAT() Crashes mysql server if I use it through

#        mysql-connector-j driver.

#



SET NAMES latin1;

SET character_set_results = NULL;

SHOW VARIABLES LIKE 'character_set_results';



CREATE TABLE testBug8868 (field1 DATE, field2 VARCHAR(32) CHARACTER SET BINARY);

INSERT INTO testBug8868 VALUES ('2006-09-04', 'abcd');



SELECT DATE_FORMAT(field1,'%b-%e %l:%i%p') as fmtddate, field2 FROM testBug8868;



DROP TABLE testBug8868;



SET NAMES DEFAULT;



# End of 4.1 tests

sql/sql_string.cc

+6 −1
Original line number Diff line number Diff line
@@ -248,6 +248,10 @@ bool String::copy(const char *str,uint32 arg_length, CHARSET_INFO *cs) 
   0  No conversion needed

   1  Either character set conversion or adding leading  zeros

      (e.g. for UCS-2) must be done



  NOTE

  to_cs may be NULL for "no conversion" if the system variable

  character_set_results is NULL.

*/



bool String::needs_conversion(uint32 arg_length,
@@ -256,7 +260,8 @@ bool String::needs_conversion(uint32 arg_length, 
			      uint32 *offset)

{

  *offset= 0;

  if ((to_cs == &my_charset_bin) || 

  if (!to_cs ||

      (to_cs == &my_charset_bin) || 

      (to_cs == from_cs) ||

      my_charset_same(from_cs, to_cs) ||

      ((from_cs == &my_charset_bin) &&