• unknown's avatar
    Fixed bug #16510: Updating field named like '*name' caused server crash. · e14c9c5d
    unknown authored
    When setup_fields() function finds field named '*' it expands it to the list
    of all table fields. It does so by checking that the first char of
    field_name is '*', but it doesn't checks that the '* is the only char.
    Due to this, when updating table with a field named like '*name', such field
    is wrongly treated as '*' and expanded. This leads to making list of fields
    to update being longer than list of the new values. Later, the fill_record() 
    function crashes by dereferencing null when there is left fields to update,
    but no more values.
    
    Added check in the setup_fields() function which ensures that the field
    expanding will be done only when '*' is the only char in the field name.
    
    
    mysql-test/t/update.test:
      Added test case for bug#16510: Updating field named like '*name' caused server crash
    mysql-test/r/update.result:
      Added test case for bug#16510: Updating field named like '*name' caused server crash
    sql/sql_base.cc:
      Fixed bug #16510: Updating field named like '*name' caused server crash.
      Added check in the setup_fields() function which ensures that the field
      expanding will be done only when '*' is the only char in the field name.
    e14c9c5d
sql_base.cc 67.3 KB