[Commits] bde705f: MDEV-7050: MySQL#74603 - Assertion `comma_length > 0' failed in mysql_prepare_create_table

Jan Lindström jan.lindstrom at mariadb.com
Wed Dec 2 17:53:51 EET 2015


revision-id: bde705fdaec49ab495eafcd18c609970a2566cb7 (mariadb-5.5.46-10-gbde705f)
parent(s): 13ad179c96ee8c8c4043806b8575c851e3676f0d
committer: Jan Lindström
timestamp: 2015-12-02 17:53:28 +0200
message:

MDEV-7050: MySQL#74603 - Assertion `comma_length > 0' failed in mysql_prepare_create_table

Too short buffer was used for ENUM comma buffer.

---
 mysql-test/r/create.result | 20 ++++++++++++++++++++
 mysql-test/t/create.test   | 21 +++++++++++++++++++++
 sql/sql_table.cc           |  2 +-
 3 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/mysql-test/r/create.result b/mysql-test/r/create.result
index 8dd3cc8..2da3460 100644
--- a/mysql-test/r/create.result
+++ b/mysql-test/r/create.result
@@ -2477,3 +2477,23 @@ t1	CREATE TABLE `t1` (
   `c` char(32) AS (convert(cast(n as char), char)) PERSISTENT
 ) ENGINE=MyISAM DEFAULT CHARSET=latin1
 drop table t1;
+DROP DATABASE test;
+CREATE DATABASE test;
+USE test;
+SET character_set_filesystem=filename;
+SET @session_start_value=@@character_set_filesystem;
+SET @@session.collation_server=@session_start_value;
+create table t0(a ENUM('',''));
+Warnings:
+Note	1291	Column 'a' has duplicated value '' in ENUM
+DROP DATABASE test;
+CREATE DATABASE test;
+USE test;
+create table t0(a ENUM('',''));
+Warnings:
+Note	1291	Column 'a' has duplicated value '' in ENUM
+DROP TABLE t0;
+SET @@session.collation_server = latin1_swedish_ci;
+DROP DATABASE test;
+CREATE DATABASE test;
+USE test;
diff --git a/mysql-test/t/create.test b/mysql-test/t/create.test
index 6de2c50..cdd9177 100644
--- a/mysql-test/t/create.test
+++ b/mysql-test/t/create.test
@@ -2053,3 +2053,24 @@ select * from t1;
 show create table t1;
 
 drop table t1;
+
+#
+# MDEV-7050: MySQL#74603 - Assertion `comma_length > 0' failed in mysql_prepare_create_table
+#
+LET $collation_orig=`select @@session.collation_server`;
+DROP DATABASE test;
+CREATE DATABASE test;
+USE test;
+SET character_set_filesystem=filename;
+SET @session_start_value=@@character_set_filesystem;
+SET @@session.collation_server=@session_start_value;
+create table t0(a ENUM('',''));
+DROP DATABASE test;
+CREATE DATABASE test;
+USE test;
+create table t0(a ENUM('',''));
+DROP TABLE t0;
+EVAL SET @@session.collation_server = $collation_orig;
+DROP DATABASE test;
+CREATE DATABASE test;
+USE test;
diff --git a/sql/sql_table.cc b/sql/sql_table.cc
index 6e589e2..6ce46ad 100644
--- a/sql/sql_table.cc
+++ b/sql/sql_table.cc
@@ -2986,7 +2986,7 @@ mysql_prepare_create_table(THD *thd, HA_CREATE_INFO *create_info,
                                                sql_field->interval_list);
         List_iterator<String> int_it(sql_field->interval_list);
         String conv, *tmp;
-        char comma_buf[4]; /* 4 bytes for utf32 */
+        char comma_buf[8]; /* 4*2 bytes for utf32 */
         int comma_length= cs->cset->wc_mb(cs, ',', (uchar*) comma_buf,
                                           (uchar*) comma_buf + 
                                           sizeof(comma_buf));


More information about the commits mailing list