It seems CVE-2013-1861 has been fixed in MySQL upstream, but they don't ship a test case for that. This patch only includes the test case ported from MariaDB fix: https://mariadb.atlassian.net/browse/MDEV-4252 diff -up mysql-5.5.31/mysql-test/r/gis.result.cve mysql-5.5.31/mysql-test/r/gis.result --- mysql-5.5.31/mysql-test/r/gis.result.cve 2013-06-03 16:32:33.732025515 +0200 +++ mysql-5.5.31/mysql-test/r/gis.result 2013-06-03 16:34:04.519691044 +0200 @@ -1113,4 +1113,19 @@ SELECT 1 FROM g1 WHERE a >= ANY (SELECT 1 FROM g1 WHERE a = geomfromtext('') OR a) ; 1 DROP TABLE g1; +# +# TODO-424 geometry query crashes server +# +select astext(0x0100000000030000000100000000000010); +astext(0x0100000000030000000100000000000010) +NULL +select area(0x0100000000030000000100000000000010); +area(0x0100000000030000000100000000000010) +NULL +select astext(exteriorring(0x0100000000030000000100000000000010)); +astext(exteriorring(0x0100000000030000000100000000000010)) +NULL +select astext(centroid(0x0100000000030000000100000000000010)); +astext(centroid(0x0100000000030000000100000000000010)) +NULL End of 5.5 tests diff -up mysql-5.5.31/mysql-test/t/gis.test.cve mysql-5.5.31/mysql-test/t/gis.test --- mysql-5.5.31/mysql-test/t/gis.test.cve 2013-06-03 16:32:33.733025512 +0200 +++ mysql-5.5.31/mysql-test/t/gis.test 2013-06-03 16:34:38.942560749 +0200 @@ -868,4 +868,11 @@ SELECT 1 FROM g1 WHERE a >= ANY DROP TABLE g1; +--echo # +--echo # TODO-424 geometry query crashes server +--echo # +select astext(0x0100000000030000000100000000000010); +select area(0x0100000000030000000100000000000010); +select astext(exteriorring(0x0100000000030000000100000000000010)); +select astext(centroid(0x0100000000030000000100000000000010)); --echo End of 5.5 tests