From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp62.i.mail.ru (smtp62.i.mail.ru [217.69.128.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id E01CE4696C3 for ; Fri, 29 Nov 2019 01:42:04 +0300 (MSK) References: <1ca68695d7cd7d3d83f4b6829363ef533a23be38.1574846892.git.korablev@tarantool.org> From: Vladislav Shpilevoy Message-ID: Date: Thu, 28 Nov 2019 23:42:02 +0100 MIME-Version: 1.0 In-Reply-To: <1ca68695d7cd7d3d83f4b6829363ef533a23be38.1574846892.git.korablev@tarantool.org> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Subject: Re: [Tarantool-patches] [PATCH 2/6] sql: fix possible null dereference in sql_expr_coll() List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Nikita Pettik , tarantool-patches@dev.tarantool.org Thanks for the patch! Is it possible to test this? On 27/11/2019 13:15, Nikita Pettik wrote: > --- > src/box/sql/expr.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/src/box/sql/expr.c b/src/box/sql/expr.c > index 648b7170e..0bdcfe576 100644 > --- a/src/box/sql/expr.c > +++ b/src/box/sql/expr.c > @@ -332,7 +332,8 @@ sql_expr_coll(Parse *parse, Expr *p, bool *is_explicit_coll, uint32_t *coll_id, > sql_func_by_signature(p->u.zToken, arg_count); > if (func == NULL) > break; > - if (sql_func_flag_is_set(func, SQL_FUNC_DERIVEDCOLL)) { > + if (sql_func_flag_is_set(func, SQL_FUNC_DERIVEDCOLL) && > + arg_count > 0) { > /* > * Now we use quite straightforward > * approach assuming that resulting >