mirror of
https://github.com/MariaDB/server.git
synced 2025-07-27 18:02:13 +03:00
MDEV-23666: Assertion `m_cpp_buf <= ptr && ptr <= m_cpp_buf + m_buf_length' failed in Lex_input_stream::body_utf8_append
On parsing statements for which a starting backtick (`) delimiter doesn't have
a corresponding ending backtick, a current pointer to a position inside a
pre-processed buffer could go beyond the end of the buffer.
This bug report caused by the commit d496765903
"MDEV-22022 Various mangled SQL statements will crash 10.3 to 10.5 debug builds".
In order to fix the issue both pointers m_ptr and m_cpp_ptr must be
rolled back to previous position in raw input and pre-processed input streams
correspondingly in case end of query reached during parsing.
This commit is contained in:
@ -2215,6 +2215,8 @@ int Lex_input_stream::scan_ident_delimited(THD *thd,
|
||||
Return the quote character, to have the parser fail on syntax error.
|
||||
*/
|
||||
m_ptr= (char *) m_tok_start + 1;
|
||||
if (m_echo)
|
||||
m_cpp_ptr= (char *) m_cpp_tok_start + 1;
|
||||
return quote_char;
|
||||
}
|
||||
int var_length= my_charlen(cs, get_ptr() - 1, get_end_of_query());
|
||||
|
Reference in New Issue
Block a user