Bug #31705 Partitions: crash if varchar length > 65530
Submitted: 19 Oct 2007 0:29
Modified: 15 Nov 2007 16:05
Reporter: Peter Gulutzan
Status: Closed
Category: Server: Partition
Severity: S3 (Non-critical)
Version: 5.2.6-alpha-debug, 5.1.23
OS: Linux (SUSE 10 64-bit)
Assigned to: Mattias Jonsson
Target Version:

[19 Oct 2007 0:29] Peter Gulutzan
Description:
I create a table with key partitioning on a long varchar column.
I try to select from the table.
Crash.

How to repeat:
create table tx (s1 varchar(65531)) partition by key (s1);
select * from tx where s1 = 'a%';
select * from tx where s1 like 'a%'; /* won't get here */
[19 Oct 2007 1:04] Miguel Solorzano
Thank you for the bug report. Verified as described on FC 6.0 32-bit.
[22 Oct 2007 14:58] Mattias Jonsson
Since it is a crashing bug, it should be P1.
[4 Nov 2007 21:42] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/37063

ChangeSet@1.2606, 2007-11-04 21:42:26+01:00, mattiasj@mattiasj-laptop.(none) +3 -0
  Bug#31705 Partitions: crash if varchar length > 65530
  
  Buffer overflow due to wrong key length in partitioning
  
  Changed to the correct key_length function.
[6 Nov 2007 17:31] Sergey Petrunia
The bug also repeats with 5.1.

I get the same crash on 5.1-bk, tip cset:
ChangeSet@1.2604, 2007-11-05 13:33:20+01:00, tomas@whalegate.ndb.mysql.com +2 -0

Mattias: This means it should be fixed in 5.1.
[6 Nov 2007 17:50] Sergey Petrunia
Ok, I now see that the fix was made for 5.1. I've updated the version field.
[12 Nov 2007 14:51] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/37574

ChangeSet@1.2606, 2007-11-12 14:51:14+01:00, mattiasj@mattiasj-laptop.(none) +3 -0
  Bug#31705 Partitions: crash if varchar length > 65530
  
  Buffer overflow due to wrong key length in partitioning
  
  Changed to the correct key_length function.
[14 Nov 2007 10:41] Bugs System
Pushed into 6.0.4-alpha
[14 Nov 2007 10:45] Bugs System
Pushed into 5.1.23-rc
[14 Nov 2007 11:08] Mattias Jonsson
Pushed into the 5.1 and up (now in main-tree).
[15 Nov 2007 16:05] Jon Stephens
Thank you for your bug report. This issue has been committed to our source repository of
that product and will be incorporated into the next release.

If necessary, you can access the source repository and build the latest available version,
including the bug fix. More information about accessing the source trees is available at

    http://dev.mysql.com/doc/en/installing-source.html

Documented bugfix in 5.1.23 and 6.0.4 changelogs.