[Tarantool-patches] [PATCH 2/6] sql: fix possible null dereference in sql_expr_coll()
Nikita Pettik
korablev at tarantool.org
Thu Dec 5 14:40:07 MSK 2019
On 28 Nov 23:42, Vladislav Shpilevoy wrote:
> Thanks for the patch!
>
> Is it possible to test this?
As a pure test case - I've failed to come up with it.
But the next patch (which adds collation to metadata) definitely fails
without this fix (when TRIM() or REPLACE() are called without args).
I can dive into details, but I guess it's not so important here (since
this is obviously buggy place). If you want further investigation, let me
know and I will do it.
> On 27/11/2019 13:15, Nikita Pettik wrote:
> > ---
> > src/box/sql/expr.c | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/src/box/sql/expr.c b/src/box/sql/expr.c
> > index 648b7170e..0bdcfe576 100644
> > --- a/src/box/sql/expr.c
> > +++ b/src/box/sql/expr.c
> > @@ -332,7 +332,8 @@ sql_expr_coll(Parse *parse, Expr *p, bool *is_explicit_coll, uint32_t *coll_id,
> > sql_func_by_signature(p->u.zToken, arg_count);
> > if (func == NULL)
> > break;
> > - if (sql_func_flag_is_set(func, SQL_FUNC_DERIVEDCOLL)) {
> > + if (sql_func_flag_is_set(func, SQL_FUNC_DERIVEDCOLL) &&
> > + arg_count > 0) {
> > /*
> > * Now we use quite straightforward
> > * approach assuming that resulting
> >
More information about the Tarantool-patches
mailing list