Bug #31438 updatexml still crashes
Submitted: 8 Oct 2007 8:22 Modified: 19 Oct 2007 9:37
Reporter: Shane Bester
Status: Closed
Category:Server: XML Severity:S1 (Critical)
Version:5.1.23 OS:Any
Assigned to: Ramil Kalimullin Target Version:
Tags: ExtractValue, updatexml

[8 Oct 2007 8:22] Shane Bester 
Description:
mysqld.exe!Item_xml_str_func::fix_length_and_dec
mysqld.exe!Item_func::fix_fields
mysqld.exe!Item_str_func::fix_fields
mysqld.exe!setup_fields
mysqld.exe!JOIN::prepare
mysqld.exe!mysql_select
mysqld.exe!handle_select
mysqld.exe!execute_sqlcom_select
mysqld.exe!mysql_execute_command
mysqld.exe!mysql_parse
mysqld.exe!dispatch_command
mysqld.exe!do_command
mysqld.exe!handle_one_connection
mysqld.exe!pthread_start
mysqld.exe!_threadstart

How to repeat:
select updatexml(1,null,1);
[8 Oct 2007 13:52] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/35094

ChangeSet@1.2582, 2007-10-08 16:52:15+05:00, ramil@mysql.com +3 -0
  Fix for bug #31438: updatexml still crashes
  
  Problem: check missed if the second updatexml() argument is valid.
  
  Fix: check it.
[8 Oct 2007 15:28] Alexander Barkov 
The patch http://lists.mysql.com/commits/35094 is ok to push.
[9 Oct 2007 13:27] Sergey Vojtovich 
Ok to push.
[9 Oct 2007 14:54] Shane Bester 
Ramil, does this patch for this too?

select extractvalue(null,null);
[18 Oct 2007 23:35] Bugs System 
Pushed into 5.1.23-beta
[19 Oct 2007 9:37] Jon Stephens 
Thank you for your bug report. This issue has been committed to our source repository of
that product and will be incorporated into the next release.

If necessary, you can access the source repository and build the latest available
version, including the bug fix. More information about accessing the source trees is
available at

    http://dev.mysql.com/doc/en/installing-source.html

Documented bugfix in 5.1.23 changelog; closed.