maria-developers team mailing list archive

Re: MDEV-15492: Subquery crash similar to MDEV-10050

 

Hi, Oleksandr!

On Mar 21, Oleksandr Byelkin wrote:
> revision-id: 49a443c53a7f01812299f20e94c7209579efd881 (mariadb-5.5.59-45-g49a443c53a7)
> parent(s): 0943b33de3daa0fcbf58803be8e991941de63218
> author: Oleksandr Byelkin
> committer: Oleksandr Byelkin
> timestamp: 2018-03-21 12:13:37 +0100
> message:
> 
> MDEV-15492: Subquery crash similar to MDEV-10050
> 
> Detection of first execution of PS fixed.
> More debug info.
> 
> diff --git a/sql/sql_prepare.cc b/sql/sql_prepare.cc
> index a3bf9d6c93c..369a9f3a804 100644
> --- a/sql/sql_prepare.cc
> +++ b/sql/sql_prepare.cc
> @@ -3819,6 +3819,7 @@ bool Prepared_statement::execute(String *expanded_query, bool open_cursor)
>    Statement stmt_backup;
>    Query_arena *old_stmt_arena;
>    bool error= TRUE;
> +  bool qc_executed;
>  
>    char saved_cur_db_name_buf[SAFE_NAME_LEN+1];
>    LEX_STRING saved_cur_db_name=
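Review bot: `bool qc_executed;` is declared without an initializer, unlike `bool error= TRUE;` on the line above it. Writing `bool qc_executed= FALSE;` at the declaration gives every path through execute() a defined value before the later `!qc_executed` test reads it.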
> @@ -3931,12 +3932,14 @@ bool Prepared_statement::execute(String *expanded_query, bool open_cursor)
>                               1);
>        error= mysql_execute_command(thd);
>        MYSQL_QUERY_EXEC_DONE(error);
> +      qc_executed= FALSE;
>      }
>      else
>      {
>        thd->lex->sql_command= SQLCOM_SELECT;
>        status_var_increment(thd->status_var.com_stat[SQLCOM_SELECT]);
>        thd->update_stats();
> +      qc_executed= TRUE;
>      }
>    }

mostly ok, but this leaves one code path where qc_executed stays
uninitialized. Better assign a default value of FALSE when declaring a
variable, and set it to TRUE when really executed.

ok to push after that.

>  
> @@ -3960,7 +3963,7 @@ bool Prepared_statement::execute(String *expanded_query, bool open_cursor)
>    thd->set_statement(&stmt_backup);
>    thd->stmt_arena= old_stmt_arena;
>  
> -  if (state == Query_arena::STMT_PREPARED)
> +  if (state == Query_arena::STMT_PREPARED && !qc_executed)
>      state= Query_arena::STMT_EXECUTED;
>  
>    if (error == 0 && this->lex->sql_command == SQLCOM_CALL)
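Review bot: the new `&& !qc_executed` condition carries no comment saying why the statement should stay in STMT_PREPARED in that case, and the commit message only says "Detection of first execution of PS fixed". A one-line comment above the `if`, stating that the branch which sets qc_executed to TRUE (the one that does not call mysql_execute_command()) must not count as the first execution, would make the intent checkable. This is also the only visible read of qc_executed, so it is where a value left unset on some path would take effect.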

Regards,
Sergei
Chief Architect MariaDB
and security@xxxxxxxxxxx