
Commit 6ff8d5d

author
Aditya A
committed
Bug #20535517 INCORRECT HANDLING OF UNSIGNED NOT NULL INTEGERS IN
INNODB_MEMCACHED PROBLEM 1)Column attribute can be both IB_COL_UNSIGNED and IB_COL_NOT_NULL, but in the code many times we are checking unsigned attribute in column meta data using "==" operator which will lead to wrong results. 2) When setting up the field value for unsigned integer we are calling innodb_api_write_uint64() without checking the column length which causes assert in innodb_api_write_uint64() if length is less than 8. FIX 1) Check if the unsigned attribute in a column is set by using binary & operator. 2) Check column length before calling innodb_api_write_uint64() for unsigned integer [ rb#9043 and rb#9054 Approved by Jimmy ]
1 parent ed7ebee commit 6ff8d5d

1 file changed

Lines changed: 12 additions & 11 deletions


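--- a/plugin/innodb_memcached/innodb_memcache/src/innodb_api.c
+++ b/plugin/innodb_memcached/innodb_memcache/src/innodb_api.c
@@ -295,7 +295,7 @@ innodb_api_read_uint64(
 uint64_t value64;
 
 assert (m_col->type == IB_INT && m_col->type_len == sizeof(uint64_t)
-&& m_col->attr == IB_COL_UNSIGNED);
+&& m_col->attr & IB_COL_UNSIGNED);
 
 ib_cb_tuple_read_u64(read_tpl, i, &value64);
 
@@ -322,7 +322,7 @@ innodb_api_read_int(
 || m_col->type_len == sizeof(uint16_t)
 || m_col->type_len == sizeof(uint8_t));
 
-if (m_col->attr == IB_COL_UNSIGNED) {
+if (m_col->attr & IB_COL_UNSIGNED) {
 if (m_col->type_len == sizeof(uint64_t)) {
 /* We handle uint64 in innodb_api_read_uint64 */
 assert(0);
@@ -390,7 +390,7 @@ innodb_api_write_int(
 assert(m_col->type_len == 8 || m_col->type_len == 4
 || m_col->type_len == 2 || m_col->type_len == 1);
 
-if (m_col->attr == IB_COL_UNSIGNED) {
+if (m_col->attr & IB_COL_UNSIGNED) {
 if (m_col->type_len == 8) {
 src = &value;
 
@@ -486,7 +486,7 @@ innodb_api_write_uint64(
 ib_cb_col_get_meta(tpl, field, m_col);
 
 assert(m_col->type == IB_INT && m_col->type_len == 8
-&& m_col->attr == IB_COL_UNSIGNED);
+&& m_col->attr & IB_COL_UNSIGNED);
 
 src = &value;
 
@@ -536,7 +536,8 @@ innodb_api_setup_field_value(
 memcpy(val_buf, value, val_len);
 val_buf[val_len] = 0;
 
-if (col_info->col_meta.attr == IB_COL_UNSIGNED) {
+if (col_info->col_meta.attr & IB_COL_UNSIGNED
+&& col_info->col_meta.type_len == 8) {
 uint64_t int_value = 0;
 
 int_value = strtoull(val_buf, &end_ptr, 10);
@@ -604,7 +605,7 @@ innodb_api_fill_mci(
 mci_item->is_str = true;
 } else {
 if (col_meta.type == IB_INT) {
-if (col_meta.attr == IB_COL_UNSIGNED
+if (col_meta.attr & IB_COL_UNSIGNED
 && data_len == 8) {
 mci_item->value_int =
 innodb_api_read_uint64(&col_meta,
@@ -620,7 +621,7 @@ innodb_api_fill_mci(
 mci_item->value_str = NULL;
 mci_item->value_len = sizeof(mci_item->value_int);
 mci_item->is_str = false;
-mci_item->is_unsigned = (col_meta.attr == IB_COL_UNSIGNED);
+mci_item->is_unsigned = (col_meta.attr & IB_COL_UNSIGNED);
 } else {
 
 mci_item->value_str = (char*)ib_cb_col_get_value(
@@ -662,7 +663,7 @@ innodb_api_copy_mci(
 mci_item->value_str = malloc(50);
 memset(mci_item->value_str, 0, 50);
 
-if (col_meta.attr == IB_COL_UNSIGNED) {
+if (col_meta.attr & IB_COL_UNSIGNED) {
 uint64_t int_val = 0;
 
 int_val = innodb_api_read_uint64(&col_meta,
@@ -927,7 +928,7 @@ innodb_api_search(
 if (data_len == IB_SQL_NULL) {
 col_value->is_null = true;
 } else {
-if (col_meta->attr == IB_COL_UNSIGNED
+if (col_meta->attr & IB_COL_UNSIGNED
 && data_len == 8) {
 col_value->value_int =
 innodb_api_read_uint64(col_meta,
@@ -953,7 +954,7 @@ innodb_api_search(
 if (data_len == IB_SQL_NULL) {
 col_value->is_null = true;
 } else {
-if (col_meta->attr == IB_COL_UNSIGNED
+if (col_meta->attr & IB_COL_UNSIGNED
 && data_len == 8) {
 col_value->value_int =
 innodb_api_read_uint64(col_meta,
@@ -982,7 +983,7 @@ innodb_api_search(
 if (data_len == IB_SQL_NULL) {
 col_value->is_null = true;
 } else {
-if (col_meta->attr == IB_COL_UNSIGNED
+if (col_meta->attr & IB_COL_UNSIGNED
 && data_len == 8) {
 col_value->value_int =
 innodb_api_read_uint64(col_meta,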
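Review bot: In the innodb_api_copy_mci hunk the new test `if (col_meta.attr & IB_COL_UNSIGNED) {` still routes every unsigned integer column to innodb_api_read_uint64(), whose assert in the first hunk requires `m_col->type_len == sizeof(uint64_t)`. Because the bitmask test now also matches UNSIGNED NOT NULL columns, a narrower unsigned column reached through the memcached interface would trip that assert and take the server down; what ib_cb_tuple_read_u64() does with a shorter column when asserts are compiled out is not visible here. The other callers touched by this commit (innodb_api_fill_mci, innodb_api_search) pair the attribute test with `data_len == 8`, and innodb_api_setup_field_value gains a `type_len == 8` check, so the matching guard here would be `if ((col_meta.attr & IB_COL_UNSIGNED) && col_meta.type_len == 8) {`. That assumes the else branch, which lies outside the hunk, reads through innodb_api_read_int() as those callers appear to; the context line `mci_item->value_str = malloc(50);` is also used by the following memset without a NULL check.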
