Description:
I am currently reading the source code of plugin/innodb_memcached in version 5.7.4.
While reading the innodb_api_copy_mci() function in plugin/innodb_memcached/innodb_memcache/src/innodb_api.c, I found a bug.
# cat -n innodb_api.c
621 static
622 bool
623 innodb_api_copy_mci(
624 /*================*/
...
633 data_len = ib_cb_col_get_meta(read_tpl, col_id, &col_meta);
634
635 if (data_len == IB_SQL_NULL) {
636 mci_item->value_str = NULL;
637 mci_item->value_len = 0;
638 mci_item->allocated = false;
639 } else {
640 if (col_meta.type == IB_INT) {
641 mci_item->value_str = malloc(50);
642 memset(mci_item->value_str, 0, 50);
643
...
667 } else {
...
674 mci_item->allocated = true;
675 memcpy(mci_item->value_str,
676 ib_cb_col_get_value(read_tpl, col_id),
677 data_len);
678 mci_item->value_len = data_len;
679 }
680 }
681
x 682 mci_item->is_str = true;
683 mci_item->is_valid = true;
684
685 return(true);
686 }
I think this code always sets mci_item->is_str to true (line 682, marked "x"), whether the column holds an integer value or a string value. This does not look right.
How to repeat:
I cannot reproduce it, but I think the following version is more correct (lines marked "o" are added, the line marked "x" is commented out).
621 static
622 bool
623 innodb_api_copy_mci(
624 /*================*/
...
633 data_len = ib_cb_col_get_meta(read_tpl, col_id, &col_meta);
634
635 if (data_len == IB_SQL_NULL) {
636 mci_item->value_str = NULL;
637 mci_item->value_len = 0;
638 mci_item->allocated = false;
639 } else {
640 if (col_meta.type == IB_INT) {
641 mci_item->value_str = malloc(50);
642 memset(mci_item->value_str, 0, 50);
643
...
o mci_item->is_str = false; //added
667 } else {
...
674 mci_item->allocated = true;
675 memcpy(mci_item->value_str,
676 ib_cb_col_get_value(read_tpl, col_id),
677 data_len);
678 mci_item->value_len = data_len;
o mci_item->is_str = true; //added
679 }
680 }
681
x 682// mci_item->is_str = true; //commented or blank line
683 mci_item->is_valid = true;
684
685 return(true);
686 }
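Review bot: With line 682 commented out, the `data_len == IB_SQL_NULL` branch (lines 635-638) no longer assigns `mci_item->is_str` at all, so a NULL column would leave the field at whatever value it held before; if the assignment moves into the branches, that branch needs one too, or a default should be set before the `if`. Whether `is_str = false` is right for `IB_INT` cannot be confirmed from this excerpt: line 641 allocates a 50-byte buffer into `value_str`, which suggests the integer may be rendered as text in the elided lines 643-666, in which case the original `true` would be intended. Separately, lines 641-642 pass the result of `malloc(50)` straight to `memset` with no NULL check; a guard such as `if (mci_item->value_str == NULL) return(false);` would avoid a NULL dereference under memory pressure, assuming `false` is this function's failure return, which the excerpt does not show.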
Description: i am reading source code of plugin/innodb_memcached in version 5.7.4 now. When i read innodb_api_copy_mci() function in plugin/innodb_memcached/innodb_memcache/src/innodb_api.c file, i found a bug. # cat -n innodb_api.c 621 static 622 bool 623 innodb_api_copy_mci( 624 /*================*/ ... 633 data_len = ib_cb_col_get_meta(read_tpl, col_id, &col_meta); 634 635 if (data_len == IB_SQL_NULL) { 636 mci_item->value_str = NULL; 637 mci_item->value_len = 0; 638 mci_item->allocated = false; 639 } else { 640 if (col_meta.type == IB_INT) { 641 mci_item->value_str = malloc(50); 642 memset(mci_item->value_str, 0, 50); 643 ... 667 } else { ... 674 mci_item->allocated = true; 675 memcpy(mci_item->value_str, 676 ib_cb_col_get_value(read_tpl, col_id), 677 data_len); 678 mci_item->value_len = data_len; 679 } 680 } 681 x 682 mci_item->is_str = true; 683 mci_item->is_valid = true; 684 685 return(true); 686 } i think this code is always mci_item->is_str set true, when int_value and value_string. This is no good. How to repeat: i cann't repeat, but i think the following are righter. 621 static 622 bool 623 innodb_api_copy_mci( 624 /*================*/ ... 633 data_len = ib_cb_col_get_meta(read_tpl, col_id, &col_meta); 634 635 if (data_len == IB_SQL_NULL) { 636 mci_item->value_str = NULL; 637 mci_item->value_len = 0; 638 mci_item->allocated = false; 639 } else { 640 if (col_meta.type == IB_INT) { 641 mci_item->value_str = malloc(50); 642 memset(mci_item->value_str, 0, 50); 643 ... o mci_item->is_str = false; //added 667 } else { ... 674 mci_item->allocated = true; 675 memcpy(mci_item->value_str, 676 ib_cb_col_get_value(read_tpl, col_id), 677 data_len); 678 mci_item->value_len = data_len; o mci_item->is_str = true; //added 679 } 680 } 681 x 682// mci_item->is_str = true; //commented or blank line 683 mci_item->is_valid = true; 684 685 return(true); 686 }