Bug#26503 (Illegal SQL exception handler code causes the server to crash) (79344c7b) · Commits · Software / OSDI20 Artifacts / mariadb

mysql-test/r/sp-error.result

+52 −0

Original line number	Diff line number	Diff line
		@@ -1400,3 +1400,55 @@ drop table table_25345_b;
		drop procedure proc_25345;
		drop function func_25345;
		drop function func_25345_b;
		create procedure proc_26503_error_1()
		begin
		retry:
		repeat
		begin
		declare continue handler for sqlexception
		begin
		iterate retry;
		end
		select "do something";
		end
		until true end repeat retry;
		end//
		ERROR 42000: ITERATE with no matching label: retry
		create procedure proc_26503_error_2()
		begin
		retry:
		repeat
		begin
		declare continue handler for sqlexception
		iterate retry;
		select "do something";
		end
		until true end repeat retry;
		end//
		ERROR 42000: ITERATE with no matching label: retry
		create procedure proc_26503_error_3()
		begin
		retry:
		repeat
		begin
		declare continue handler for sqlexception
		begin
		leave retry;
		end
		select "do something";
		end
		until true end repeat retry;
		end//
		ERROR 42000: LEAVE with no matching label: retry
		create procedure proc_26503_error_4()
		begin
		retry:
		repeat
		begin
		declare continue handler for sqlexception
		leave retry;
		select "do something";
		end
		until true end repeat retry;
		end//
		ERROR 42000: LEAVE with no matching label: retry

mysql-test/r/sp.result

+165 −0

Original line number	Diff line number	Diff line
		@@ -5805,4 +5805,169 @@ func_8407_b()
		1500
		drop function func_8407_a\|
		drop function func_8407_b\|
		drop table if exists table_26503\|
		drop procedure if exists proc_26503_ok_1\|
		drop procedure if exists proc_26503_ok_2\|
		drop procedure if exists proc_26503_ok_3\|
		drop procedure if exists proc_26503_ok_4\|
		create table table_26503(a int unique)\|
		create procedure proc_26503_ok_1(v int)
		begin
		declare i int default 5;
		declare continue handler for sqlexception
		begin
		select 'caught something';
		retry:
		while i > 0 do
		begin
		set i = i - 1;
		select 'looping', i;
		iterate retry;
		select 'dead code';
		end;
		end while retry;
		select 'leaving handler';
		end;
		select 'do something';
		insert into table_26503 values (v);
		select 'do something again';
		insert into table_26503 values (v);
		end\|
		create procedure proc_26503_ok_2(v int)
		begin
		declare i int default 5;
		declare continue handler for sqlexception
		begin
		select 'caught something';
		retry:
		while i > 0 do
		begin
		set i = i - 1;
		select 'looping', i;
		leave retry;
		select 'dead code';
		end;
		end while;
		select 'leaving handler';
		end;
		select 'do something';
		insert into table_26503 values (v);
		select 'do something again';
		insert into table_26503 values (v);
		end\|
		create procedure proc_26503_ok_3(v int)
		begin
		declare i int default 5;
		retry:
		begin
		declare continue handler for sqlexception
		begin
		select 'caught something';
		retry:
		while i > 0 do
		begin
		set i = i - 1;
		select 'looping', i;
		iterate retry;
		select 'dead code';
		end;
		end while retry;
		select 'leaving handler';
		end;
		select 'do something';
		insert into table_26503 values (v);
		select 'do something again';
		insert into table_26503 values (v);
		end;
		end\|
		create procedure proc_26503_ok_4(v int)
		begin
		declare i int default 5;
		retry:
		begin
		declare continue handler for sqlexception
		begin
		select 'caught something';
		retry:
		while i > 0 do
		begin
		set i = i - 1;
		select 'looping', i;
		leave retry;
		select 'dead code';
		end;
		end while;
		select 'leaving handler';
		end;
		select 'do something';
		insert into table_26503 values (v);
		select 'do something again';
		insert into table_26503 values (v);
		end;
		end\|
		call proc_26503_ok_1(1)\|
		do something
		do something
		do something again
		do something again
		caught something
		caught something
		looping i
		looping 4
		looping i
		looping 3
		looping i
		looping 2
		looping i
		looping 1
		looping i
		looping 0
		leaving handler
		leaving handler
		call proc_26503_ok_2(2)\|
		do something
		do something
		do something again
		do something again
		caught something
		caught something
		looping i
		looping 4
		leaving handler
		leaving handler
		call proc_26503_ok_3(3)\|
		do something
		do something
		do something again
		do something again
		caught something
		caught something
		looping i
		looping 4
		looping i
		looping 3
		looping i
		looping 2
		looping i
		looping 1
		looping i
		looping 0
		leaving handler
		leaving handler
		call proc_26503_ok_4(4)\|
		do something
		do something
		do something again
		do something again
		caught something
		caught something
		looping i
		looping 4
		leaving handler
		leaving handler
		drop table table_26503\|
		drop procedure proc_26503_ok_1\|
		drop procedure proc_26503_ok_2\|
		drop procedure proc_26503_ok_3\|
		drop procedure proc_26503_ok_4\|
		drop table t1,t2;

mysql-test/t/sp-error.test

+68 −0

Original line number	Diff line number	Diff line
		@@ -2021,6 +2021,74 @@ drop procedure proc_25345;
		drop function func_25345;
		drop function func_25345_b;

		#
		# Bug#26503 (Illegal SQL exception handler code causes the server to crash)
		#

		delimiter //;

		--error ER_SP_LILABEL_MISMATCH
		create procedure proc_26503_error_1()
		begin
		retry:
		repeat
		begin
		declare continue handler for sqlexception
		begin
		iterate retry;
		end

		select "do something";
		end
		until true end repeat retry;
		end//

		--error ER_SP_LILABEL_MISMATCH
		create procedure proc_26503_error_2()
		begin
		retry:
		repeat
		begin
		declare continue handler for sqlexception
		iterate retry;

		select "do something";
		end
		until true end repeat retry;
		end//

		--error ER_SP_LILABEL_MISMATCH
		create procedure proc_26503_error_3()
		begin
		retry:
		repeat
		begin
		declare continue handler for sqlexception
		begin
		leave retry;
		end

		select "do something";
		end
		until true end repeat retry;
		end//

		--error ER_SP_LILABEL_MISMATCH
		create procedure proc_26503_error_4()
		begin
		retry:
		repeat
		begin
		declare continue handler for sqlexception
		leave retry;

		select "do something";
		end
		until true end repeat retry;
		end//

		delimiter ;//

		#
		# BUG#NNNN: New bug synopsis
		#

mysql-test/t/sp.test

+135 −0

Original line number	Diff line number	Diff line
		@@ -6800,6 +6800,141 @@ select func_8407_b()\|
		drop function func_8407_a\|
		drop function func_8407_b\|

		#
		# Bug#26503 (Illegal SQL exception handler code causes the server to crash)
		#

		--disable_warnings
		drop table if exists table_26503\|
		drop procedure if exists proc_26503_ok_1\|
		drop procedure if exists proc_26503_ok_2\|
		drop procedure if exists proc_26503_ok_3\|
		drop procedure if exists proc_26503_ok_4\|
		--enable_warnings

		create table table_26503(a int unique)\|

		create procedure proc_26503_ok_1(v int)
		begin
		declare i int default 5;

		declare continue handler for sqlexception
		begin
		select 'caught something';
		retry:
		while i > 0 do
		begin
		set i = i - 1;
		select 'looping', i;
		iterate retry;
		select 'dead code';
		end;
		end while retry;
		select 'leaving handler';
		end;

		select 'do something';
		insert into table_26503 values (v);
		select 'do something again';
		insert into table_26503 values (v);
		end\|

		create procedure proc_26503_ok_2(v int)
		begin
		declare i int default 5;

		declare continue handler for sqlexception
		begin
		select 'caught something';
		retry:
		while i > 0 do
		begin
		set i = i - 1;
		select 'looping', i;
		leave retry;
		select 'dead code';
		end;
		end while;
		select 'leaving handler';
		end;

		select 'do something';
		insert into table_26503 values (v);
		select 'do something again';
		insert into table_26503 values (v);
		end\|

		## The outer retry label should not prevent using the inner label.

		create procedure proc_26503_ok_3(v int)
		begin
		declare i int default 5;

		retry:
		begin
		declare continue handler for sqlexception
		begin
		select 'caught something';
		retry:
		while i > 0 do
		begin
		set i = i - 1;
		select 'looping', i;
		iterate retry;
		select 'dead code';
		end;
		end while retry;
		select 'leaving handler';
		end;

		select 'do something';
		insert into table_26503 values (v);
		select 'do something again';
		insert into table_26503 values (v);
		end;
		end\|

		## The outer retry label should not prevent using the inner label.

		create procedure proc_26503_ok_4(v int)
		begin
		declare i int default 5;

		retry:
		begin
		declare continue handler for sqlexception
		begin
		select 'caught something';
		retry:
		while i > 0 do
		begin
		set i = i - 1;
		select 'looping', i;
		leave retry;
		select 'dead code';
		end;
		end while;
		select 'leaving handler';
		end;

		select 'do something';
		insert into table_26503 values (v);
		select 'do something again';
		insert into table_26503 values (v);
		end;
		end\|

		call proc_26503_ok_1(1)\|
		call proc_26503_ok_2(2)\|
		call proc_26503_ok_3(3)\|
		call proc_26503_ok_4(4)\|

		drop table table_26503\|
		drop procedure proc_26503_ok_1\|
		drop procedure proc_26503_ok_2\|
		drop procedure proc_26503_ok_3\|
		drop procedure proc_26503_ok_4\|

		#
		# NOTE: The delimiter is `\|`, and not `;`. It is changed to `;`
		# at the end of the file!

sql/sp_head.cc

+1 −1

Original line number	Diff line number	Diff line
		@@ -470,7 +470,7 @@ sp_head::init(LEX *lex)
		{
		DBUG_ENTER("sp_head::init");

		lex->spcont= m_pcont= new sp_pcontext(NULL);
		lex->spcont= m_pcont= new sp_pcontext();

		/*
		Altough trg_table_fields list is used only in triggers we init for all