From e6d81ad3383fa5f6dc282ff7d85d3e2cdbec5a9c Mon Sep 17 00:00:00 2001 From: "gkodinov/kgeorge@magare.gmz[kgeorge]" <> Date: Mon, 26 Mar 2007 13:17:40 +0300 Subject: [PATCH] Bug #27164: not reseting the data pointer to 0 causes wrong (large) length to be read from the row in _mi_calc_blob_length() when storing NULL values in (e.g) POINT columns. This large length is then used to allocate a block of memory that (on some OSes) causes trouble. Fixed by calling the base class's Field_blob::reset() from Field_geom::reset() that is called when storing a NULL value into the column. --- mysql-test/r/gis.result | 6 ++++++ mysql-test/t/gis.test | 8 ++++++++ sql/field.h | 2 +- 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/mysql-test/r/gis.result b/mysql-test/r/gis.result index de7e44ed7b2..643a3d6b434 100644 --- a/mysql-test/r/gis.result +++ b/mysql-test/r/gis.result @@ -718,4 +718,10 @@ point(b, b) IS NULL linestring(b) IS NULL polygon(b) IS NULL multipoint(b) IS NU 1 1 1 1 1 1 1 0 1 1 1 1 1 1 drop table t1; +CREATE TABLE t1(a POINT) ENGINE=MyISAM; +INSERT INTO t1 VALUES (NULL); +SELECT * FROM t1; +a +NULL +DROP TABLE t1; End of 4.1 tests diff --git a/mysql-test/t/gis.test b/mysql-test/t/gis.test index 6bd0db92152..7182e040d46 100644 --- a/mysql-test/t/gis.test +++ b/mysql-test/t/gis.test @@ -411,4 +411,12 @@ from t1; drop table t1; +# +# Bug #27164: Crash when mixing InnoDB and MyISAM Geospatial tables +# +CREATE TABLE t1(a POINT) ENGINE=MyISAM; +INSERT INTO t1 VALUES (NULL); +SELECT * FROM t1; +DROP TABLE t1; + --echo End of 4.1 tests diff --git a/sql/field.h b/sql/field.h index d3e38db83d1..58177747120 100644 --- a/sql/field.h +++ b/sql/field.h @@ -1115,7 +1115,7 @@ public: int store(const char *to, uint length, CHARSET_INFO *charset); int store(double nr) { return 1; } int store(longlong nr) { return 1; } - int reset(void) { return !maybe_null(); } + int reset(void) { return !maybe_null() || Field_blob::reset(); } void get_key_image(char *buff,uint length, CHARSET_INFO *cs,imagetype type); void set_key_image(char *buff,uint length, CHARSET_INFO *cs);