Bug #107435 It will return success from expr ST_GeomFromWKB with invalid wkb
Submitted: 31 May 2022 13:06
Modified: 1 Jun 2022 14:19
Reporter: T H
Status: Verified
Category: MySQL Server: GIS
Severity: S3 (Non-critical)
Version:
OS: Any
Assigned to:
CPU Architecture: Any

[31 May 2022 13:06] T H
Description:
invalid wkb:
01                                           // little_endian
04000000                                     // type:multipoint
03000000                                     // point number: 3
0101000000 00000000000024C0 0000000000004E40 //point1:little_endian(01)|type(01000000)
0001000000 0000000000004940 00000000008051C0 //point2:big_endian(00)|type(01000000)
0101000000 00000000008051C0 0000000000805140

The byte_order of point2 is big_endian, so the value of the point2 type should be 16777216, which is an invalid GIS type. An ER_GIS_INVALID_DATA error is what I expect, but the SQL below returns a result successfully.

How to repeat:
mysql> select st_astext(ST_GeometryFromWKB(x'010400000003000000010100000000000000000024C00000000000004E400001000000000000000000494000000000008051C0010100000000000000008051C00000000000805140'));
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| st_astext(ST_GeometryFromWKB(x'010400000003000000010100000000000000000024C00000000000004E400001000000000000000000494000000000008051C0010100000000000000008051C00000000000805140')) |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| MULTIPOINT((-10 60),(9.2647e-320 4.154863e-317),(-70 70))                                                                                                                          |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

Suggested fix:
In the MySQL source code, the function Gis_multi_point::init_from_wkb gets the point type directly with uint4korr without considering byte_order.
[31 May 2022 13:35] MySQL Verification Team
Hi Mr. H,

Thank you for your bug report.

However, we need further info.

What version of the server are you using, and on which OS and which hardware have you observed that error?
[31 May 2022 13:42] T H
mysql Server version: 8.0.26-debug Source distribution
Copyright (c) 2000, 2021, Oracle and/or its affiliates.

platform: Linux x86_64
[31 May 2022 13:43] MySQL Verification Team
Hi Mr. H,

Also, for your information, endian-ness is always kept the same, independent of the CPU used. 

Hence, you should supply us with a full test case that displays the bug fully.

As far as we could see, your results are the expected ones.
[31 May 2022 14:16] T H
The full test case is just what I wrote in How to repeat.
The Well-Known Binary (WKB) format is defined by OGC; I explained the meaning of the WKB from the test case in the Description part (please read it!).
The problem is that the first byte (00) of point2 indicates the byte_order is big_endian, but MySQL reads the type (01000000) of point2 as little_endian.
In PostGIS, the same WKB reports an error, which is what I expected:
postgres=# select st_astext(ST_GeomFromWKB('\x010400000003000000010100000000000000000024C00000000000004E400001000000000000000000494000000000008051C0010100000000000000008051C00000000000805140'));
ERROR:  Unknown WKB type (16777216)!
[1 Jun 2022 12:12] MySQL Verification Team
Hi Mr. H,

We have noted that you have not used the `options` argument. Does it help in this case?
[1 Jun 2022 14:19] MySQL Verification Team
Hi Mr. H,

We have further analysed your report and concluded that it is a bug.

Verified as reported.
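
The per-point byte-order handling discussed in this report, as an added C++ example that is not part of the original thread and is not MySQL code. All names (`Reader`, `parse_multipoint`, `kReported`, `kFixed`) are hypothetical; `strict=false` mimics the behaviour the reporter describes, `strict=true` rejects the WKB the way the reporter expects.

```cpp
// Added example (hypothetical names, not MySQL source): WKB MultiPoint parsing.
#include <cstdint>
#include <cstring>
#include <stdexcept>
#include <string>
#include <vector>
struct Point { double x, y; };
struct Result { std::string error; std::vector<Point> pts; };
struct Reader {
  std::vector<uint8_t> buf; size_t pos = 0;
  uint64_t read(size_t n, bool little) {          // n <= 8, bounds-checked
    if (buf.size() - pos < n) throw std::runtime_error("truncated WKB");
    uint64_t v = 0;
    for (size_t i = 0; i < n; ++i)
      v |= uint64_t(buf[pos + i]) << (8 * (little ? i : n - 1 - i));
    pos += n; return v;
  }
  bool order() {                                  // flag byte: 00 = big, 01 = little
    uint64_t o = read(1, true);
    if (o > 1) throw std::runtime_error("invalid byte-order flag");
    return o == 1;
  }
  double f64(bool little) {                       // assumes an IEEE 754 host double
    uint64_t b = read(8, little); double d; std::memcpy(&d, &b, sizeof d); return d;
  }
};

// strict=false: nested type always read little-endian (as the report describes).
// strict=true: nested type read with the point's own byte-order flag.
Result parse_multipoint(const std::string& hex, bool strict) {
  Result out; Reader r;
  try {
    for (size_t i = 0; i + 1 < hex.size(); i += 2)
      r.buf.push_back(uint8_t(std::stoul(hex.substr(i, 2), nullptr, 16)));
    bool le = r.order();
    if (r.read(4, le) != 4) throw std::runtime_error("not a MultiPoint");
    for (uint64_t n = r.read(4, le); n > 0; --n) {
      bool ple = r.order();                       // per-point flag, not the header's
      uint64_t type = r.read(4, strict ? ple : true);
      if (type != 1) throw std::runtime_error("Unknown WKB type (" + std::to_string(type) + ")");
      out.pts.push_back({r.f64(ple), r.f64(ple)}); // braced list: x is read before y
    }
    if (r.pos != r.buf.size()) throw std::runtime_error("trailing bytes");
  } catch (const std::exception& e) { out.error = e.what(); out.pts.clear(); }
  return out;
}
// Bytes from the report, split at point2's flag; kFixed is a constructed variant (flag 01).
const std::string kHead = "01" "04000000" "03000000" "0101000000" "00000000000024C0" "0000000000004E40";
const std::string kTail = "01000000" "0000000000004940" "00000000008051C0" "0101000000" "00000000008051C0" "0000000000805140";
const std::string kReported = kHead + "00" + kTail, kFixed = kHead + "01" + kTail;
```

With `strict=false` the second point decodes to the same denormal coordinates shown in the MySQL output above, because the coordinates follow the big-endian flag while the type check does not.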