Bug #108512 Return value of dimension() need be checked against 2
Submitted: 16 Sep 2022 0:53
Modified: 19 Sep 2022 10:44
Reporter: Li Zhong
Status: Won't fix
Category: MySQL Server: GIS
Severity: S3 (Non-critical)
Version: 8.0.21
OS: Any
Assigned to:
CPU Architecture: Any

[16 Sep 2022 0:53] Li Zhong
Description:
Hi, I'm a researcher working on static analysis, and we found a potential bug in error checking in the MySQL-server-8.0.21 code:

In https://github.com/mysql/mysql-server/blob/mysql-cluster-8.0.21/sql/spatial.cc#L1032 the dim possibly should be within 0-2, so for the if check on the next line, it may be better to have:

  if (dim < 0 && dim > 2) return true;

Not sure whether it's a bug, though the possibility of triggering this error is small.

How to repeat:
We found this with our static analysis tool. The analysis result was checked manually.

Suggested fix:
Change the check to:
  if (dim < 0 && dim > 2) return true;
[16 Sep 2022 5:44] MySQL Verification Team
Hello Li Zhong,

Thank you for the report and feedback.

regards,
Umesh
[19 Sep 2022 10:44] Tor Didriksen
Posted by developer:
 
This looks like a false positive from your analysis tool.
We have
  int dimension() const {
    int d = 0;

    if (xmin > xmax)
      return -1;
    else if (xmin < xmax)
      d++;

    if (ymin > ymax)
      return -1;
    else if (ymin < ymax)
      d++;

    return d;
  }

which will return [-1 .. 2]
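
An added example (not MySQL's code and not written by either poster) that enumerates every comparison outcome of the quoted dimension() to list the values it can return, then counts how many of those values two caller-side guards would reject. The struct name Box, the helper names and the sample coordinates are assumptions made for this illustration.

```cpp
#include <cstdio>
#include <set>

// Stand-alone copy of the bounding-box logic quoted in the thread.
// The struct name Box is hypothetical; only dimension() mirrors the page.
struct Box {
  double xmin, ymin, xmax, ymax;
  int dimension() const {
    int d = 0;
    if (xmin > xmax) return -1;
    else if (xmin < xmax) d++;
    if (ymin > ymax) return -1;
    else if (ymin < ymax) d++;
    return d;
  }
};

// Enumerate every ordering of (xmin ? xmax) and (ymin ? ymax): <, ==, >.
// Nine cases cover all comparison outcomes the function branches on.
std::set<int> reachable_dimensions() {
  const double lo_hi[3][2] = {{0, 1}, {1, 1}, {1, 0}};  // constructed samples
  std::set<int> seen;
  for (const auto &x : lo_hi)
    for (const auto &y : lo_hi)
      seen.insert(Box{x[0], y[0], x[1], y[1]}.dimension());
  return seen;
}

// Count how many reachable values a caller-side guard would reject.
template <typename Pred>
int rejected(Pred guard) {
  int n = 0;
  for (int d : reachable_dimensions())
    if (guard(d)) n++;
  return n;
}

// Guard as written in the report, and an "outside [0, 2]" guard for comparison.
int rejected_by_and() { return rejected([](int d) { return d < 0 && d > 2; }); }
int rejected_by_or() { return rejected([](int d) { return d < 0 || d > 2; }); }

int main() {
  for (int d : reachable_dimensions()) std::printf("reachable: %d\n", d);
  std::printf("&& guard rejects %d, || guard rejects %d\n",
              rejected_by_and(), rejected_by_or());
  return 0;
}
```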