Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

P2-[4.0 bug hunting]-[SELECT query]-Wrong error returned #17751

Open
sre-bot opened this issue Jun 5, 2020 · 0 comments
Open

P2-[4.0 bug hunting]-[SELECT query]-Wrong error returned #17751

sre-bot opened this issue Jun 5, 2020 · 0 comments
Labels
challenge-program help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. severity/minor sig/execution SIG execution type/bug The issue is confirmed as a bug.

Comments

@sre-bot
Copy link
Contributor

sre-bot commented Jun 5, 2020
edited by lzmhhh123
Loading

Description

Bug Hunter issue tidb-challenge-program/bug-hunting-issue#75

Bug Report

1. What did you do?

mysql> select * from user where user((((((((((((((((((((( True ) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR  False )) AND ((( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) OR  False )) AND ((( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) OR  False )) AND ((( 1 <=( 4751 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) AND (( 1 <=( 4751 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) AND (( 1 <=( 4751 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))))) AND (((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) AND (( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND ((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) AND (( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) AND (( 1 <=( 4751 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND (( 1 <=( 4751 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND ((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) AND (( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))))) AND ((( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) AND (( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) AND (( 1 <=( 4751 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND ((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) AND ((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) AND ((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))))) AND ((((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))))) AND (((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) OR (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))))));
ERROR 1582 (42000): Incorrect parameter count in the call to native function 'user

2. What did you expect to see?

mysql> select * from user where user((((((((((((((((((((( True ) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR  False )) AND ((( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) OR  False )) AND ((( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) OR  False )) AND ((( 1 <=( 4751 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) OR  False )) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) AND (( 1 <=( 4751 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) AND (( 1 <=( 4751 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))))) AND (((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) AND (( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND ((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) AND (( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) AND (( 1 <=( 4751 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND (( 1 <=( 4751 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND ((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) AND (( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))))) AND ((( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) AND (( 1 <=( 4751 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) AND (( 1 <=( 4751 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND ((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) AND ((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) AND ((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR (( 1856 = 7703761045 ))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))))) AND ((((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ( 1 <=( 4751 ))) OR ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 )))))) AND (((( 1856 = 7703761045 )) OR (( 1856 = 7703761045 )) OR ( 1 <=( 4751 ))) OR (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))) AND ((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR (( 1856 = 7703761045 ))))));
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(((((((((((((((((((( True ) AND (((( 1856 = 7703761045 )) OR ( 1 <=( 4751 )) OR ' at line 1

3. What did you see instead?

ERROR 1582 (42000): Incorrect parameter count in the call to native function 'user'

4. What version of TiDB are you using? (tidb-server -V or run select tidb_version(); on TiDB)

mysql> select tidb_version();
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| tidb_version()                                                                                                                                                                                                                                                                                        |
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Release Version: v4.0.0-rc
Git Commit Hash: 79db9e30ab8f98ac07c8ae55c66dfecc24b43d56
Git Branch: heads/refs/tags/v4.0.0-rc
UTC Build Time: 2020-04-08 07:32:25
GoVersion: go1.13
Race Enabled: false
TiKV Min Version: v3.0.0-60965b006877ca7234adaced7890d7b029ed1306
Check Table Before Drop: false |
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

SIG slack channel

#sig-exec

Score

  • 300

Mentor
@sre-bot sre-bot added the type/bug The issue is confirmed as a bug. label Jun 5, 2020
@djshow832 djshow832 added the sig/execution SIG execution label Jun 5, 2020
@lzmhhh123 lzmhhh123 added challenge-program help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. labels Oct 30, 2020
@ichn-hu ichn-hu mentioned this issue Nov 3, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
challenge-program help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. severity/minor sig/execution SIG execution type/bug The issue is confirmed as a bug.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@qw4990 @tisonkun @lzmhhh123 @sre-bot @djshow832