Bug #37277 Potential crash when a spatial index isn't the first key
Submitted: 9 Jun 2008 9:02
Modified: 3 Dec 2008 19:41
Reporter: Ramil Kalimullin
Status: Closed
Category: MySQL Server: MyISAM storage engine
Severity: S3 (Non-critical)
Version: 5.0
OS: Any
Assigned to: Ramil Kalimullin
CPU Architecture: Any

[9 Jun 2008 9:02] Ramil Kalimullin
Description:
In rt_index.c:rtree_get_first() and rt_index.c:rtree_get_next() functions
we pass a wrong parameter to rtree_get_req() - &keyinfo[keynr] (instead of keyinfo).
That may lead to a server crash when the spatial index isn't the first key.

How to repeat:
Look at the code.
A test case will be submitted later.

Suggested fix:
s/&keyinfo[keynr]/keyinfo/
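
The indexing mistake described in the report, as an added C illustration (not MySQL source and not part of the original report). It assumes the local keyinfo pointer has already been advanced to entry keynr, which is what the suggested fix implies; key_def, share_keyinfo and the slot_* helpers are hypothetical names, and the table contents are constructed.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for a per-key definition; not MySQL's MI_KEYDEF. */
typedef struct { int is_spatial; unsigned keylength; } key_def;

#define NKEYS 3               /* keys the table really has */
/* Constructed table: the spatial index is the second key (keynr 1).
   Storage is padded to 2*NKEYS so this demo never reads out of bounds. */
static key_def share_keyinfo[2 * NKEYS] = { {0, 4}, {1, 32}, {0, 8} };

/* Slot handed to the callee by the pre-fix expression &keyinfo[keynr]. */
size_t slot_passed_buggy(unsigned keynr)
{
  key_def *keyinfo = share_keyinfo + keynr;   /* assumed: already offset */
  return (size_t)(&keyinfo[keynr] - share_keyinfo);  /* offset applied twice */
}

/* Slot handed to the callee after s/&keyinfo[keynr]/keyinfo/. */
size_t slot_passed_fixed(unsigned keynr)
{
  key_def *keyinfo = share_keyinfo + keynr;
  return (size_t)(keyinfo - share_keyinfo);
}

/* A slot is usable only if it lies inside the real table. */
int slot_in_table(size_t slot) { return slot < NKEYS; }

/* 1 if the slot holds a spatial key definition, 0 otherwise. */
int slot_is_spatial(size_t slot)
{
  return slot_in_table(slot) && share_keyinfo[slot].is_spatial;
}

int main(void)
{
  for (unsigned keynr = 0; keynr < NKEYS; keynr++) {
    size_t bad = slot_passed_buggy(keynr), good = slot_passed_fixed(keynr);
    printf("keynr=%u buggy slot=%zu (%s) fixed slot=%zu\n", keynr, bad,
           slot_in_table(bad) ? "in table" : "past end of table", good);
  }
  return 0;
}
```

With keynr 0 both expressions agree, which is why the defect only shows when the spatial index is not the first key; for larger keynr the doubled offset selects either a different key's definition or memory past the end of the table.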
[23 Jun 2008 7:30] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/48309

2641 Ramil Kalimullin	2008-06-23
      Fix for bug#37277: Potential crash when a spatial index isn't the first key
      
      Typo fixed.
      No test case as we actually don't use rtree_get_first() 
      and rtree_get_next() at present.
[26 Aug 2008 13:51] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/52561

2676 Ramil Kalimullin	2008-08-26
      Fix for bug#37277: Potential crash when a spatial index isn't the first key
      
      Typo fixed.
      No test case as we actually don't use rtree_get_first() 
      and rtree_get_next() at present.
[26 Aug 2008 13:57] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/52563

2676 Ramil Kalimullin	2008-08-26
      Fix for bug#37277: Potential crash when a spatial index isn't the first key
      
      Typo fixed.
      No test case as we actually don't use rtree_get_first() 
      and rtree_get_next() at present.
[26 Aug 2008 18:32] Bugs System
Pushed into 5.0.70  (revid:ramil@mysql.com-20080826135106-or6sy99vs6gnt2df) (version source revid:davi.arnaut@sun.com-20080826182704-ikgad9sf3142e7x9) (pib:3)
[26 Aug 2008 19:10] Bugs System
Pushed into 5.1.28  (revid:ramil@mysql.com-20080826135106-or6sy99vs6gnt2df) (version source revid:davi.arnaut@sun.com-20080826183817-r22ie0hgagpcn6su) (pib:3)
[13 Sep 2008 21:36] Bugs System
Pushed into 6.0.7-alpha  (revid:ramil@mysql.com-20080826135106-or6sy99vs6gnt2df) (version source revid:john.embretsen@sun.com-20080807141954-vwbm90sv8oqgh41p) (pib:3)
[3 Dec 2008 19:41] Paul DuBois
No user-visible effect. No changelog entry needed.