Commit 9ffa09be authored by unknown's avatar unknown

Fix for bug#18177 any access to INFORMATION_SCHEMA.ROUTINES crashes

replaced get_field(MEM_ROOT *mem, Field *field) with 
get_field(MEM_ROOT *mem, Field *field, String *res).
This makes it possible to avoid strlen().


mysql-test/r/information_schema.result:
  Fix for bug#18177 any access to INFORMATION_SCHEMA.ROUTINES crashes
  test case
mysql-test/t/information_schema.test:
  Fix for bug#18177 any access to INFORMATION_SCHEMA.ROUTINES crashes
  test case
parent 7c5b7438
+9 −0
@@ -1099,3 +1099,12 @@ CHARACTER_MAXIMUM_LENGTH CHARACTER_OCTET_LENGTH
1	3
9	27
drop table t1;
use mysql;
INSERT INTO `proc` VALUES ('test','','PROCEDURE','','SQL','CONTAINS_SQL',
'NO','DEFINER','','','BEGIN\r\n  \r\nEND','root@%','2006-03-02 18:40:03',
'2006-03-02 18:40:03','','');
select routine_name from information_schema.routines;
routine_name

delete from proc where name='';
use test;
+11 −0
@@ -811,3 +811,14 @@ default character set utf8;
select CHARACTER_MAXIMUM_LENGTH, CHARACTER_OCTET_LENGTH from
information_schema.columns where table_schema='test' and table_name = 't1';
drop table t1;

#
# Bug#18177 any access to INFORMATION_SCHEMA.ROUTINES crashes
#
use mysql;
INSERT INTO `proc` VALUES ('test','','PROCEDURE','','SQL','CONTAINS_SQL',
'NO','DEFINER','','','BEGIN\r\n  \r\nEND','root@%','2006-03-02 18:40:03',
'2006-03-02 18:40:03','','');
select routine_name from information_schema.routines;
delete from proc where name='';
use test;
+12 −11
@@ -2854,17 +2854,18 @@ bool store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table,
                       const char *wild, bool full_access, const char *sp_user)
{
  String tmp_string;
  String sp_db, sp_name, definer;
  TIME time;
  LEX *lex= thd->lex;
  CHARSET_INFO *cs= system_charset_info;
  const char *sp_db, *sp_name, *definer;
  sp_db= get_field(thd->mem_root, proc_table->field[0]);
  sp_name= get_field(thd->mem_root, proc_table->field[1]);
  definer= get_field(thd->mem_root, proc_table->field[11]);
  get_field(thd->mem_root, proc_table->field[0], &sp_db);
  get_field(thd->mem_root, proc_table->field[1], &sp_name);
  get_field(thd->mem_root, proc_table->field[11], &definer);
  if (!full_access)
    full_access= !strcmp(sp_user, definer);
  if (!full_access && check_some_routine_access(thd, sp_db, sp_name,
			proc_table->field[2]->val_int() == TYPE_ENUM_PROCEDURE))
    full_access= !strcmp(sp_user, definer.ptr());
  if (!full_access && check_some_routine_access(thd, sp_db.ptr(), sp_name.ptr(),
                                                proc_table->field[2]->val_int() ==
                                                TYPE_ENUM_PROCEDURE))
    return 0;

  if (lex->orig_sql_command == SQLCOM_SHOW_STATUS_PROC &&
@@ -2874,13 +2875,13 @@ bool store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table,
      lex->orig_sql_command == SQLCOM_END)
  {
    restore_record(table, s->default_values);
    if (!wild || !wild[0] || !wild_compare(sp_name, wild, 0))
    if (!wild || !wild[0] || !wild_compare(sp_name.ptr(), wild, 0))
    {
      int enum_idx= proc_table->field[5]->val_int();
      table->field[3]->store(sp_name, strlen(sp_name), cs);
      table->field[3]->store(sp_name.ptr(), sp_name.length(), cs);
      get_field(thd->mem_root, proc_table->field[3], &tmp_string);
      table->field[0]->store(tmp_string.ptr(), tmp_string.length(), cs);
      table->field[2]->store(sp_db, strlen(sp_db), cs);
      table->field[2]->store(sp_db.ptr(), sp_db.length(), cs);
      get_field(thd->mem_root, proc_table->field[2], &tmp_string);
      table->field[4]->store(tmp_string.ptr(), tmp_string.length(), cs);
      if (proc_table->field[2]->val_int() == TYPE_ENUM_FUNCTION)
@@ -2912,7 +2913,7 @@ bool store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table,
      table->field[17]->store(tmp_string.ptr(), tmp_string.length(), cs);
      get_field(thd->mem_root, proc_table->field[15], &tmp_string);
      table->field[18]->store(tmp_string.ptr(), tmp_string.length(), cs);
      table->field[19]->store(definer, strlen(definer), cs);
      table->field[19]->store(definer.ptr(), definer.length(), cs);
      return schema_table_store_record(thd, table);
    }
  }
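Review bot: The three `get_field(..., &sp_db / &sp_name / &definer)` calls in the first hunk ignore their return value, and the results are then passed as `definer.ptr()`, `sp_db.ptr()` and `sp_name.ptr()` to strcmp(), check_some_routine_access() and wild_compare(), which all read a NUL-terminated C string. The three-argument get_field() is not shown on this page, so it is unclear whether ptr() is non-NULL and terminated when the column is empty; if it is not, an empty definer or routine name could still reach a NULL dereference on the `!full_access` path. The new test inserts a row with an empty name only and may not exercise that path with a restricted user. Consider `full_access= !strcmp(sp_user, definer.c_ptr_safe());` and the same accessor for the other two C-string uses, or skipping the row when get_field() signals an empty value. The body of store_schema_proc continues outside these hunks.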