revision-id: f4eac2deeb046a68e4a26ed1a08f8df51bbf817b (mariadb-10.2.16-52-gf4eac2d) parent(s): fd378fc613851a12be346329d32e1666f10610d7 committer: Alexey Botchkov timestamp: 2018-07-31 16:33:05 +0400 message: MDEV-16054 simple json functions flatline cpu on garbage input. Incorrect char sentence should be handled properly. --- mysql-test/r/func_json.result | 6 ++++++ mysql-test/t/func_json.test | 7 +++++++ strings/json_lib.c | 2 ++ 3 files changed, 15 insertions(+) diff --git a/mysql-test/r/func_json.result b/mysql-test/r/func_json.result index 39bd46b..206f745 100644 --- a/mysql-test/r/func_json.result +++ b/mysql-test/r/func_json.result @@ -760,3 +760,9 @@ t1 CREATE TABLE `t1` ( `c2` varchar(38) CHARACTER SET utf8mb4 COLLATE utf8mb4_bin DEFAULT NULL ) ENGINE=MyISAM DEFAULT CHARSET=latin1 DROP TABLE t1; +# +# MDEV-16054 simple json functions flatline cpu on garbage input. +# +select json_array(1,uuid(),compress(5.140264e+307)); +json_array(1,uuid(),compress(5.140264e+307)) +NULL diff --git a/mysql-test/t/func_json.test b/mysql-test/t/func_json.test index 37b1876..c2cc00d 100644 --- a/mysql-test/t/func_json.test +++ b/mysql-test/t/func_json.test @@ -422,3 +422,10 @@ CREATE TABLE t1 AS SELECT JSON_QUOTE(_utf8'foo') AS c2; SHOW CREATE TABLE t1; DROP TABLE t1; + +--echo # +--echo # MDEV-16054 simple json functions flatline cpu on garbage input. +--echo # + +select json_array(1,uuid(),compress(5.140264e+307)); + diff --git a/strings/json_lib.c b/strings/json_lib.c index cbf672f..f6b4f15 100644 --- a/strings/json_lib.c +++ b/strings/json_lib.c @@ -1645,6 +1645,8 @@ int json_escape(CHARSET_INFO *str_cs, return -1; } } + else /* c_len == 0, an illegal symbol. */ + return -1; } return (int)(json - json_start);