Commit 6fc17dab authored by unknown's avatar unknown

Fixed bug #25427.

In the method Item_field::fix_fields we try to resolve the name of
the field against the names of the aliases that occur in the select
list. This is done by a call of the function find_item_in_list.
When this function finds several occurrences of the field name
it sends an error message to the error queue and returns 0.
Yet the code did not take into account that find_item_in_list
could return 0 and tried to dereference the returned value.


mysql-test/r/order_by.result:
  Added a test case for bug #25427.
mysql-test/t/order_by.test:
  Added a test case for bug #25427.
sql/item.cc:
  Fixed bug #25427.
  In the method Item_field::fix_fields we try to resolve the name of
  the field against the names of the aliases that occur in the select
  list. This is done by a call of the function find_item_in_list.
  When this function finds several occurrences of the field name 
  it sends an error message to the error queue and returns 0.
  Yet the code did not take into account that find_item_in_list
  could return 0 and tried to dereference the returned value.
parent 8e0eea0d
...@@ -847,3 +847,11 @@ num (select num + 2 FROM t1 LIMIT 1) ...@@ -847,3 +847,11 @@ num (select num + 2 FROM t1 LIMIT 1)
SELECT a.a + 1 AS num FROM t1 a JOIN t1 b ON num = b.a; SELECT a.a + 1 AS num FROM t1 a JOIN t1 b ON num = b.a;
ERROR 42S22: Unknown column 'num' in 'on clause' ERROR 42S22: Unknown column 'num' in 'on clause'
DROP TABLE t1; DROP TABLE t1;
CREATE TABLE t1 (a int);
SELECT p.a AS val, q.a AS val1 FROM t1 p, t1 q ORDER BY val > 1;
val val1
SELECT p.a AS val, q.a AS val FROM t1 p, t1 q ORDER BY val;
ERROR 23000: Column 'val' in order clause is ambiguous
SELECT p.a AS val, q.a AS val FROM t1 p, t1 q ORDER BY val > 1;
ERROR 23000: Column 'val' in order clause is ambiguous
DROP TABLE t1;
...@@ -575,4 +575,19 @@ SELECT a + 1 AS num, (select num + 2 FROM t1 LIMIT 1) FROM t1; ...@@ -575,4 +575,19 @@ SELECT a + 1 AS num, (select num + 2 FROM t1 LIMIT 1) FROM t1;
SELECT a.a + 1 AS num FROM t1 a JOIN t1 b ON num = b.a; SELECT a.a + 1 AS num FROM t1 a JOIN t1 b ON num = b.a;
DROP TABLE t1; DROP TABLE t1;
#
# Bug #25427: crash when order by expression contains a name
# that cannot be resolved unambiguously
#
CREATE TABLE t1 (a int);
SELECT p.a AS val, q.a AS val1 FROM t1 p, t1 q ORDER BY val > 1;
--error 1052
SELECT p.a AS val, q.a AS val FROM t1 p, t1 q ORDER BY val;
--error 1052
SELECT p.a AS val, q.a AS val FROM t1 p, t1 q ORDER BY val > 1;
DROP TABLE t1;
# End of 4.1 tests # End of 4.1 tests
...@@ -1761,6 +1761,8 @@ bool Item_field::fix_fields(THD *thd, TABLE_LIST *tables, Item **ref) ...@@ -1761,6 +1761,8 @@ bool Item_field::fix_fields(THD *thd, TABLE_LIST *tables, Item **ref)
Item** res= find_item_in_list(this, thd->lex->current_select->item_list, Item** res= find_item_in_list(this, thd->lex->current_select->item_list,
&counter, REPORT_EXCEPT_NOT_FOUND, &counter, REPORT_EXCEPT_NOT_FOUND,
&not_used); &not_used);
if (!res)
return 1;
if (res != (Item **)not_found_item) if (res != (Item **)not_found_item)
{ {
if ((*res)->type() == Item::FIELD_ITEM) if ((*res)->type() == Item::FIELD_ITEM)
......
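Review bot: The added `if (!res) return 1;` guard carries no comment, and it relies on find_item_in_list() having already queued an error whenever it returns 0. The commit description says this holds for the ambiguous-name case, but nothing at the call site records it. I would put `/* 0: find_item_in_list() has already reported an error (e.g. ambiguous name) */` above the check, so that a later silent 0 return is not turned into a failure with no diagnostic. Because the missing check let an ordinary SELECT crash the server, other callers of find_item_in_list that dereference the result are worth checking for the same pattern; none are visible in this hunk. Item_field::fix_fields begins and ends outside the hunk.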