Bug #30120 SP with local variables with non-ASCII names crashes server
Submitted: 29 Jul 2007 20:27 Modified: 3 Aug 2007 2:20
Reporter: Gleb Shchepa Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server Severity:S2 (Serious)
Version:5.0-bk, 5.1-bk OS:Any
Assigned to: Gleb Shchepa CPU Architecture:Any

[29 Jul 2007 20:27] Gleb Shchepa
Description:
Using of local variables with non-ASCII names in SP/SF/triggers leads to server crash.

This bug causes failures of ddl_i18n_koi8r.test.

How to repeat:
SET NAMES latin1;

DELIMITER |;

CREATE PROCEDURE p1()
BEGIN
  DECLARE áâä INT;
  SELECT áâä;
END|

DELIMITER ;|

CALL p1();
[29 Jul 2007 20:29] Gleb Shchepa
test case

Attachment: 30120.test (application/octet-stream, text), 212 bytes.

[29 Jul 2007 22:02] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/31783

ChangeSet@1.2573, 2007-07-30 03:20:45+05:00, gshchepa@gleb.loc +1 -0
  disabled.def:
    ddl_i18n_koi8r.test has been disabled to ignore bug #30120.
[29 Jul 2007 23:16] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/31785

ChangeSet@1.2490, 2007-07-30 04:35:16+05:00, gshchepa@gleb.loc +6 -0
  Fixed bug #30120.
  SP with local variables with non-ASCII names crashed the server.
  
  The server replaces SP local variable names with NAME_CONST calls
  when putting statements into the binary log. It used UTF8-encoded
  item names as variable names for the replacement inside NAME_CONST
  calls. However, statement string may be encoded by any
  known character set by the SET NAMES statement.
  The server used byte length of UTF8-encoded names to increment
  the position in the query string that led to array index overrun.
[30 Jul 2007 23:27] Marc Alff
Patch approved by email.
[2 Aug 2007 19:13] Bugs System
Pushed into 5.1.21-beta
[2 Aug 2007 19:15] Bugs System
Pushed into 5.0.48
[3 Aug 2007 2:20] Paul Dubois
Noted in 5.0.48, 5.1.21 changelogs.

Use of local variables with non-ASCII names in stored procedures
crashed the server.