Fix for bug #54575: crash when joining tables with unique set column

Problem: a flaw (derefencing a NULL pointer) in the LIKE optimization code may lead to a server crash in some rare cases. Fix: check the pointer before its dereferencing. mysql-test/r/func_like.result: Fix for bug #54575: crash when joining tables with unique set column - test result. mysql-test/t/func_like.test: Fix for bug #54575: crash when joining tables with unique set column - test case. sql/item_cmpfunc.cc: Fix for bug #54575: crash when joining tables with unique set column - check res2 buffer pointer before its dereferencing as it may be NULL in some cases.
2025-07-30 16:24:05 +03:00 · 2010-06-20 02:02:58 +04:00
parent 5088fb1394
commit 1614c3c128
3 changed files with 34 additions and 5 deletions
--- a/mysql-test/r/func_like.result
+++ b/mysql-test/r/func_like.result
@ -169,3 +169,17 @@ select 'andre%' like 'andre
 select _cp1251'andre%' like convert('andre<72>%' using cp1251)  escape '<27>';
 _cp1251'andre%' like convert('andre<72>%' using cp1251)  escape '<27>'
 1
+End of 4.1 tests
+#
+# Bug #54575: crash when joining tables with unique set column
+#
+CREATE TABLE t1(a SET('a') NOT NULL, UNIQUE KEY(a));
+CREATE TABLE t2(b INT PRIMARY KEY);
+INSERT INTO t1 VALUES ();
+Warnings:
+Warning	1364	Field 'a' doesn't have a default value
+INSERT INTO t2 VALUES (1), (2), (3);
+SELECT 1 FROM t2 JOIN t1 ON 1 LIKE a GROUP BY a;
+1
+DROP TABLE t1, t2;
+End of 5.1 tests