maria-developers team mailing list archive

[Sergei Golubchik <serg@xxxxxxxxxxx>]

Hi, Sanja!

On Dec 21, OleksandrByelkin wrote:
> revision-id: daad4828b078485ee7ac60af4fc165ae35684395 (mariadb-10.1.9-21-gdaad482)
> parent(s): 59fcd7ff2315d007045eb987da5f21abbea6f6f1
> committer: Oleksandr Byelkin
> timestamp: 2015-12-21 20:13:12 +0100
> message:
> 
> MDEV-8615: Assertion `m_cpp_buf <= begin_ptr && begin_ptr <= m_cpp_buf + m_buf_length' failed in Lex_input_stream::body_utf8_start
> 
> If it is EOF then it may not be start of compound statement.
> 
> ---
>  mysql-test/r/compound.result | 7 +++++++
>  mysql-test/t/compound.test   | 7 +++++++
>  sql/sql_yacc.yy              | 7 ++++++-
>  3 files changed, 20 insertions(+), 1 deletion(-)
> 
> diff --git a/mysql-test/r/compound.result b/mysql-test/r/compound.result
> index 92d3226..1d412e6 100644
> --- a/mysql-test/r/compound.result
> +++ b/mysql-test/r/compound.result
> @@ -162,3 +162,10 @@ a
>  begin not atomic select a from t1 having a > 1; end|
>  a
>  drop table t1|
> +#
> +# MDEV-8615: Assertion `m_cpp_buf <= begin_ptr &&
> +# begin_ptr <= m_cpp_buf + m_buf_length' failed in
> +# Lex_input_stream::body_utf8_start
> +#
> +b'|
> +ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'b'' at line 1
> diff --git a/mysql-test/t/compound.test b/mysql-test/t/compound.test
> index 1c5d12a..cabdf96 100644
> --- a/mysql-test/t/compound.test
> +++ b/mysql-test/t/compound.test
> @@ -150,3 +150,10 @@ select a from t1 having a > 1|
>  begin not atomic select a from t1 having a > 1; end|
>  drop table t1|
>  
> +--echo #
> +--echo # MDEV-8615: Assertion `m_cpp_buf <= begin_ptr &&
> +--echo # begin_ptr <= m_cpp_buf + m_buf_length' failed in
> +--echo # Lex_input_stream::body_utf8_start
> +--echo #
> +--error ER_PARSE_ERROR
> +--query b'
> diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy
> index a5a62ae..6611411 100644
> --- a/sql/sql_yacc.yy
> +++ b/sql/sql_yacc.yy
> @@ -237,6 +237,11 @@ static sp_head *make_sp_head(THD *thd, sp_name *name,
>  
>  static bool maybe_start_compound_statement(THD *thd)
>  {
> +  if (YYLIP->eof())
> +  {
> +    my_parse_error(thd, ER_SYNTAX_ERROR);
> +    return 1;
> +  }

no, I don't like that. Syntax errors should be issued by the parser,
they should follow from the grammar, not be hard-coded in some explicit
checks in the code.

The problem in the current grammar - as I see it, that a code block is
executed before any keyword is matched. This code block assumes it's the
sp_unlabeled_control rule, while it could be anything.

The fix would be to remove this code block and put this code after the
first keyword is matched.

>    if (!thd->lex->sphead)
>    {
>      if (!make_sp_head(thd, NULL, TYPE_ENUM_PROCEDURE))
> @@ -4807,7 +4812,7 @@ create_body:
>          | opt_create_table_options opt_create_partitioning opt_create_select {}
>          /*
>            the following rule is redundant, but there's a shift/reduce
> -          conflict that prevents the rule above from parsing a syntax like
> +          conflict that prevents the rule above from parsing a synax like

This is a strange change :)

>            CREATE TABLE t1 (SELECT 1);
>          */

Regards,
Sergei
Chief Architect MariaDB
and security@xxxxxxxxxxx
-- 
Vote for my Percona Live 2016 talks:
https://www.percona.com/live/data-performance-conference-2016/sessions/mariadb-connectors-fast-and-smart-new-protocol-optimizations#community-voting
https://www.percona.com/live/data-performance-conference-2016/sessions/mariadb-101-security-validation-authentication-encryption#community-voting