Search
j0ke.net Open Build Service
>
Projects
>
internetx
:
mysql5
>
mysql-5.0.26
> mysql-5.0.26-CVE-2007-2583.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File mysql-5.0.26-CVE-2007-2583.patch of Package mysql-5.0.26
from http://mysql.bkbits.net:8080/mysql-5.0-community/?PAGE=gnupatch&REV=1.2392.105.16 --- mysql-test/r/func_in.result | 6 ++++++ mysql-test/t/func_in.test | 13 +++++++++++++ sql/item_cmpfunc.cc | 3 ++- 3 files changed, 21 insertions(+), 1 deletion(-) --- mysql-test/r/func_in.result.orig +++ mysql-test/r/func_in.result @@ -343,3 +343,9 @@ some_id 1 2 drop table t1; +CREATE TABLE t1 (id int not null); +INSERT INTO t1 VALUES (1),(2); +SELECT id FROM t1 WHERE id IN(4564, (SELECT IF(1=0,1,1/0)) ); +id +DROP TABLE t1; +End of 5.0 tests --- mysql-test/t/func_in.test.orig +++ mysql-test/t/func_in.test @@ -232,3 +232,16 @@ select some_id from t1 where some_id not select some_id from t1 where some_id not in(-4,-1,-4); select some_id from t1 where some_id not in(-4,-1,3423534,2342342); drop table t1; + +# +# BUG#27362: IN with a decimal expression that may return NULL +# + +CREATE TABLE t1 (id int not null); +INSERT INTO t1 VALUES (1),(2); + +SELECT id FROM t1 WHERE id IN(4564, (SELECT IF(1=0,1,1/0)) ); + +DROP TABLE t1; + +--echo End of 5.0 tests --- sql/item_cmpfunc.cc.orig +++ sql/item_cmpfunc.cc @@ -2134,7 +2134,8 @@ void in_decimal::set(uint pos, Item *ite dec->len= DECIMAL_BUFF_LENGTH; dec->fix_buffer_pointer(); my_decimal *res= item->val_decimal(dec); - if (res != dec) + /* if item->val_decimal() is evaluated to NULL then res == 0 */ + if (!item->null_value && res != dec) my_decimal2decimal(res, dec); }