From e409ebf143c754b0a846e776854def244186943c Mon Sep 17 00:00:00 2001
From: "Sinisa@sinisa.nasamreza.org" <>
Date: Wed, 22 Dec 2004 21:31:17 +0200
Subject: [PATCH 1/2] A fix for the bug #7495
---
 mysql-test/r/func_str.result | 12 ++++++++++++
 mysql-test/t/func_str.test | 12 ++++++++++++
 sql/item_strfunc.cc | 4 ++--
 3 files changed, 26 insertions(+), 2 deletions(-)
diff --git a/mysql-test/r/func_str.result b/mysql-test/r/func_str.result
index d38a2edfa1a..2ca90653fec 100644
--- a/mysql-test/r/func_str.result
+++ b/mysql-test/r/func_str.result
@@ -291,3 +291,15 @@ trim(trailing 'foo' from 'foo')
 select trim(leading 'foo' from 'foo');
 trim(leading 'foo' from 'foo')
+create table t1 (a varchar(80), b varchar(80));
+insert into t1 values(NULL,"12345");
+insert into t1 values(NULL,"chm");
+select quote(ltrim(concat(' ',t1.b))) from t1;
+quote(ltrim(concat(' ',t1.b)))
+'12345'
+'chm'
+select quote(trim(concat(' ',t1.b))) from t1;
+quote(trim(concat(' ',t1.b)))
+'12345'
+'chm'
+drop table t1;
diff --git a/mysql-test/t/func_str.test b/mysql-test/t/func_str.test
index 1ae4db3a42a..421512c4dc4 100644
--- a/mysql-test/t/func_str.test
+++ b/mysql-test/t/func_str.test
@@ -185,3 +185,15 @@ drop table t1;
 select trim(trailing 'foo' from 'foo');
 select trim(leading 'foo' from 'foo');
+
+#
+# crashing bug with QUOTE() and LTRIM() or TRIM() fixed
+# Bug #7495
+#
+
+create table t1 (a varchar(80), b varchar(80));
+insert into t1 values(NULL,"12345");
+insert into t1 values(NULL,"chm");
+select quote(ltrim(concat(' ',t1.b))) from t1;
+select quote(trim(concat(' ',t1.b))) from t1;
+drop table t1;
diff --git a/sql/item_strfunc.cc b/sql/item_strfunc.cc
index 53a9d3fe219..61477753594 100644
--- a/sql/item_strfunc.cc
+++ b/sql/item_strfunc.cc
@@ -1141,7 +1141,7 @@ String *Item_func_ltrim::val_str(String *str)
 }
 if (ptr == res->ptr())
 return res;
- tmp_value.set(*res,(uint) (ptr - res->ptr()),(uint) (end-ptr));
+ tmp_value.copy(res->ptr() + (ptr - res->ptr()), (uint32) (end - ptr));
 return &tmp_value;
 }
@@ -1266,7 +1266,7 @@ String *Item_func_trim::val_str(String *str)
 }
 if (ptr == res->ptr() && end == ptr+res->length())
 return res;
- tmp_value.set(*res,(uint) (ptr - res->ptr()),(uint) (end-ptr));
+ tmp_value.copy(res->ptr() + (ptr - res->ptr()), (uint32) (end - ptr));
 return &tmp_value;
 }
From 3c5a3258972fa2487f0997db14ee6f31be862dbb Mon Sep 17 00:00:00 2001
From: "Sinisa@sinisa.nasamreza.org" <>
Date: Thu, 23 Dec 2004 21:08:54 +0200
Subject: [PATCH 2/2] Fix for a bug #7495
---
 mysql-test/r/func_str.result | 18 ++++++------------
 mysql-test/t/func_str.test | 8 ++------
 sql/item_strfunc.cc | 14 +++++++-------
 3 files changed, 15 insertions(+), 25 deletions(-)
diff --git a/mysql-test/r/func_str.result b/mysql-test/r/func_str.result
index 2ca90653fec..278cd4dd935 100644
--- a/mysql-test/r/func_str.result
+++ b/mysql-test/r/func_str.result
@@ -291,15 +291,9 @@ trim(trailing 'foo' from 'foo')
 select trim(leading 'foo' from 'foo');
 trim(leading 'foo' from 'foo')
-create table t1 (a varchar(80), b varchar(80));
-insert into t1 values(NULL,"12345");
-insert into t1 values(NULL,"chm");
-select quote(ltrim(concat(' ',t1.b))) from t1;
-quote(ltrim(concat(' ',t1.b)))
-'12345'
-'chm'
-select quote(trim(concat(' ',t1.b))) from t1;
-quote(trim(concat(' ',t1.b)))
-'12345'
-'chm'
-drop table t1;
+select quote(ltrim(concat(' ', 'a')));
+quote(ltrim(concat(' ', 'a')))
+'a'
+select quote(trim(concat(' ', 'a')));
+quote(trim(concat(' ', 'a')))
+'a'
diff --git a/mysql-test/t/func_str.test b/mysql-test/t/func_str.test
index 421512c4dc4..79a996e7e78 100644
--- a/mysql-test/t/func_str.test
+++ b/mysql-test/t/func_str.test
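Review bot: The result of `tmp_value.copy(...)` is discarded on the added line in `Item_func_ltrim::val_str`, so if the copy cannot allocate its buffer the function still returns `&tmp_value`; the identical line added in the `Item_func_trim::val_str` hunk has the same gap. Assuming copy() reports allocation failure through its return value the way the `realloc()` call in `Item_func_quote::val_str` (patch 2/2) does, it should be checked, e.g. `if (tmp_value.copy(ptr, (uint32) (end - ptr))) { null_value= 1; return 0; }`. The source pointer `res->ptr() + (ptr - res->ptr())` is simply `ptr`, and writing it that way makes the copied range easier to audit against `end`. Both function bodies start and end outside their hunks, so how these functions normally signal NULL is not visible here and the failure path above should be confirmed against the rest of the function.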
@@ -191,9 +191,5 @@ select trim(leading 'foo' from 'foo');
 # Bug #7495
 #
-create table t1 (a varchar(80), b varchar(80));
-insert into t1 values(NULL,"12345");
-insert into t1 values(NULL,"chm");
-select quote(ltrim(concat(' ',t1.b))) from t1;
-select quote(trim(concat(' ',t1.b))) from t1;
-drop table t1;
+select quote(ltrim(concat(' ', 'a')));
+select quote(trim(concat(' ', 'a')));
diff --git a/sql/item_strfunc.cc b/sql/item_strfunc.cc
index 61477753594..a852906ee2c 100644
--- a/sql/item_strfunc.cc
+++ b/sql/item_strfunc.cc
@@ -1141,7 +1141,7 @@ String *Item_func_ltrim::val_str(String *str)
 }
 if (ptr == res->ptr())
 return res;
- tmp_value.copy(res->ptr() + (ptr - res->ptr()), (uint32) (end - ptr));
+ tmp_value.set(*res,(uint) (ptr - res->ptr()),(uint) (end-ptr));
 return &tmp_value;
 }
@@ -1266,7 +1266,7 @@ String *Item_func_trim::val_str(String *str)
 }
 if (ptr == res->ptr() && end == ptr+res->length())
 return res;
- tmp_value.copy(res->ptr() + (ptr - res->ptr()), (uint32) (end - ptr));
+ tmp_value.set(*res,(uint) (ptr - res->ptr()),(uint) (end-ptr));
 return &tmp_value;
 }
@@ -2185,16 +2185,16 @@ String *Item_func_quote::val_str(String *str)
 /*
 We have to use realloc() instead of alloc() as we want to keep the
- old result in str
+ old result in arg
 */
- if (str->realloc(new_length))
+ if (arg->realloc(new_length))
 goto null;
 /*
 As 'arg' and 'str' may be the same string, we must replace characters from the end to the beginning
 */
- to= (char*) str->ptr() + new_length - 1;
+ to= (char*) arg->ptr() + new_length - 1;
 *to--= '\'';
 for (start= (char*) arg->ptr(),end= start + arg_length; end-- != start; to--)
 {
@@ -2222,9 +2222,9 @@ String *Item_func_quote::val_str(String *str)
 }
 }
 *to= '\'';
- str->length(new_length);
+ arg->length(new_length);
 null_value= 0;
- return str;
+ return arg;
 null:
 null_value= 1;
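Review bot: The two replacement statements pass only constants to QUOTE(), whereas the removed case (added for Bug #7495 in patch 1/2) selected `t1.b` from a table over two rows; the constant form may be evaluated along a different path and so may not guard against the crash coming back. Keeping the table-based statements next to the new ones would preserve the original reproduction. A multi-row case is also the one most likely to expose a QUOTE() that rewrites its argument in place, because a wrong value on the second row would show up in the `.result` file.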
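Review bot: In the `@@ -2185,16` hunk `Item_func_quote::val_str` now reallocates, rewrites and returns `arg`, the String produced by evaluating the argument, instead of the caller-supplied `str`. If that String is one the argument item keeps (for example the `tmp_value` that the ltrim/trim hunks of this patch point into `res` with `set()`), the quoting is applied to the argument's own storage, so a later evaluation could see already-quoted text or a buffer that has moved; this is inferred, since the line that obtains `arg` is outside the hunk. Building the quoted text in a buffer this item owns and treating `arg` as read-only would remove that dependency on who owns the memory. The retained comment `As 'arg' and 'str' may be the same string` no longer matches the code, which reads and writes only `arg`; something like `/* The result is built in arg's own buffer, so copy from the end to the beginning */` would describe it. The `@@ -2222,9` hunk (`arg->length(new_length);`, `return arg;`) is the other half of the same change.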