Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.1(EOL), 10.2(EOL), 10.3(EOL), 10.4(EOL), 10.5
-
None
Description
Casting numeric representing decimal value string with many leading
zeros into MySQL database gives an unexpected value. For example query:
"SELECT
CAST(0000000000000000000000000000000000000000000000000000000000000000000000000000000020.01
AS DECIMAL(15,2)) as val;"
gives value 9999999999999.99
The bug appears when input string is longer than 83 symbols and is
present in newest MySQL 8.0, maybe in its older version and in MariaDB
also. "83" limit seems to be related to the DECIMAL_MAX_STR_LENGTH
constant from MySQL C sources, when input string is longer than that
constant, MySQL sets resulted value to maximal decimal value with given
precision.
It could be dangerous in many case, for for example for online financial
services that use MySQL. A malicious persons could use this bug for
getting big amount of money on its account by entering sum with many
leading zeros.
Attachments
Activity
I think it's a bug. It could strip the leading '0' before actual converting to DECIMAL representation.
Thank you for fixing the issue!
IMHO the main problem here was that having too long input string it throws number overflow error, not 'Input string is too long' or something like that error. Which leads to a logical bug - too long input string causes wrong output number. And yes - stripping leading zeros in input string is The Right Thing
FWIW, it throws not even one, but two warnings while doing so, on all versions of MariaDB and MySQL (the text can be slightly different between different versions):
| val || 9999999999999.99 |MariaDB [test]> show warnings;If a financial service doesn't pay attention to warnings, it is bound to have dangerous problems.
Still, assigning to bar to check if it needs to be fixed.