Bug #31438 updatexml still crashes
Submitted: 8 Oct 2007 6:22 Modified: 19 Oct 2007 7:37
Reporter: Shane Bester (Platinum Quality Contributor) Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: XML functions Severity:S1 (Critical)
Version:5.1.23 OS:Any
Assigned to: Ramil Kalimullin CPU Architecture:Any
Tags: ExtractValue, updatexml

[8 Oct 2007 6:22] Shane Bester
Description:
mysqld.exe!Item_xml_str_func::fix_length_and_dec
mysqld.exe!Item_func::fix_fields
mysqld.exe!Item_str_func::fix_fields
mysqld.exe!setup_fields
mysqld.exe!JOIN::prepare
mysqld.exe!mysql_select
mysqld.exe!handle_select
mysqld.exe!execute_sqlcom_select
mysqld.exe!mysql_execute_command
mysqld.exe!mysql_parse
mysqld.exe!dispatch_command
mysqld.exe!do_command
mysqld.exe!handle_one_connection
mysqld.exe!pthread_start
mysqld.exe!_threadstart

How to repeat:
select updatexml(1,null,1);
[8 Oct 2007 11:52] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/35094

ChangeSet@1.2582, 2007-10-08 16:52:15+05:00, ramil@mysql.com +3 -0
  Fix for bug #31438: updatexml still crashes
  
  Problem: check missed if the second updatexml() argument is valid.
  
  Fix: check it.
[8 Oct 2007 13:28] Alexander Barkov
The patch http://lists.mysql.com/commits/35094 is ok to push.
[9 Oct 2007 11:27] Sergey Vojtovich
Ok to push.
[9 Oct 2007 12:54] MySQL Verification Team
Ramil, does this patch for this too?

select extractvalue(null,null);
[18 Oct 2007 21:35] Bugs System
Pushed into 5.1.23-beta
[19 Oct 2007 7:37] Jon Stephens
Thank you for your bug report. This issue has been committed to our source repository of that product and will be incorporated into the next release.

If necessary, you can access the source repository and build the latest available version, including the bug fix. More information about accessing the source trees is available at

    http://dev.mysql.com/doc/en/installing-source.html

Documented bugfix in 5.1.23 changelog; closed.