[MDEV-13971] crash in skip_num_constant Created: 2017-09-30  Updated: 2017-11-11  Resolved: 2017-11-11

Status: Closed
Project: MariaDB Server
Component/s: JSON
Affects Version/s: 10.2.9
Fix Version/s: 10.2.11

Type: Bug Priority: Major
Reporter: sbester1 Assignee: Alexey Botchkov
Resolution: Fixed Votes: 0
Labels: None
Environment:

Win64

Sprint: 10.2.11

 Description    

Version: '10.2.9-MariaDB'  socket: ''  port: 3306  mariadb.org binary distribution
 
mysqld.exe!skip_num_constant()[json_lib.c:508]
 
mysqld.exe!read_num()[json_lib.c:539]
 
mysqld.exe!json_read_value()[json_lib.c:943]
 
mysqld.exe!Item_func_json_unquote::read_json()[item_jsonfunc.cc:602]
 
mysqld.exe!Item_func_json_unquote::val_str()[item_jsonfunc.cc:620]
 
mysqld.exe!Item_str_func::update_null_value()[item_strfunc.h:74]
 
mysqld.exe!Item_avg_field::is_null()[item_sum.h:1244]
 
mysqld.exe!mysql_do()[sql_do.cc:34]
 
mysqld.exe!mysql_execute_command()[sql_parse.cc:3495]
 
mysqld.exe!mysql_parse()[sql_parse.cc:7880]
 
mysqld.exe!dispatch_command()[sql_parse.cc:1814]
 
mysqld.exe!do_command()[sql_parse.cc:1359]
 
mysqld.exe!threadpool_process_request()[threadpool_common.cc:366]

How to repeat
#a few testcases....

do json_valid(0x36f0c8dccd83c5eac156da);
 
do json_type(0x34f4);
 
do json_unquote(concat_ws(0xde131ca50deb,@g,21553,0x593c35));
 
do json_type(0x38ea);
 
do json_valid(0x31f21f91fe8361);
 
do json_depth(0x33ec0b);
 
do json_valid(0x36ec634665d6);
 
do json_depth(reverse(0xd4ce69de33));
 
do json_valid(0x30e40d);



 Comments   
Comment by Elena Stepanova [ 2017-09-30 ]

Thanks for the report and test cases.

Comment by Alexey Botchkov [ 2017-11-11 ]

http://lists.askmonty.org/pipermail/commits/2017-November/011638.html

Generated at Thu Feb 08 08:09:49 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.