Comment 2 for bug 1175519

Laurynas Biveinis (laurynas-biveinis) wrote :

MySQL 5.5.33:

5.5$ bzr log -r 4397
------------------------------------------------------------
revno: 4397
committer: Sujatha Sivakumar <email address hidden>
branch nick: Bug16753869_mysql-5.5
timestamp: Mon 2013-06-24 11:11:55 +0530
message:
  Bug#16753869:INCORRECT TRUNCATION OF LONG SET EXPRESSION IN
  LOAD DATA CAN CAUSE SQL INJECTION

  Problem:
  =======
  A long SET expression in LOAD DATA is incorrectly truncated
  when written to the binary log.

  Analysis:
  ========
  LOAD DATA statements are reconstructed once again before
  they are written to the binary log. When SET clauses are
  specified as part of LOAD DATA statement, these SET clause
  user command strings need to be stored as they are in order to
  reconstruct the original user command. At present these
  strings are stored as part of SET clause item tree's
  top most Item node's name itself which is incorrect. As an
  Item::name can be of MAX_ALIAS_NAME (256) size. Hence the
  name will get truncated to "255".

  Because of this the rewritten LOAD DATA statement will be
  terminated incorrectly. When this statement is read back by
  the mysqlbinlog tool it reads a starting single quote and
  continues to read till it finds an ending quote. Hence any
  statement written post ending quote will be considered as
  a new statement.

  Fix:
  ===
  As name field has length restriction the string value
  should not be stored in Item::name. A new String list is
  maintained to store the SET expression values and this list
  is read during reconstruction.
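The mechanism the commit message describes (a rebuilt LOAD DATA statement whose SET expression is cut at 255 characters, so a literal loses its closing quote and a quote-aware reader sees different statement boundaries) can be modelled in a few lines. The following is an added example, not code from MySQL or from this bug report: the function names, the sample file, table and column names, and the simplified quote-scanning reader are all constructed for illustration; only the 256-byte MAX_ALIAS_NAME limit and the resulting 255-character truncation come from the page.

```python
# Added example (not MySQL source code). Models the pre-fix path, where the SET
# expression text is read back from a 256-byte Item::name and silently truncated
# to 255 characters, beside the post-fix path, where the text is kept intact in
# its own list. Function names, file/table/column names and the sample data are
# constructed for this illustration.

MAX_ALIAS_NAME = 256              # limit named in the commit message
NAME_LIMIT = MAX_ALIAS_NAME - 1   # effective 255-character truncation it describes


def sql_quote(value: str) -> str:
    """Embed a string as a single-quoted SQL literal with backslash escaping."""
    return "'" + value.replace("\\", "\\\\").replace("'", "\\'") + "'"


def rebuild_load_data(file_name, table, set_exprs, expr_limit=None):
    """Rebuild the statement text the way a binlog writer would.

    expr_limit=NAME_LIMIT models the pre-fix behaviour (expression text taken
    from Item::name); expr_limit=None models the fix (text kept in a separate
    list and copied whole).
    """
    parts = []
    for column, expr in set_exprs:
        text = expr if expr_limit is None else expr[:expr_limit]
        parts.append(f"{column} = {text}")
    return (f"LOAD DATA INFILE {sql_quote(file_name)} INTO TABLE {table} SET "
            + ", ".join(parts))


def quotes_balanced(statement: str) -> bool:
    """Writer-side sanity check: every opening quote has a closing quote."""
    in_quote, i = False, 0
    while i < len(statement):
        c = statement[i]
        if in_quote and c == "\\":
            i += 2          # skip the escaped character
            continue
        if c == "'":
            in_quote = not in_quote
        i += 1
    return not in_quote


def split_statements(stream: str):
    """Simplified quote-aware reader, as the commit message describes the
    mysqlbinlog behaviour: ';' ends a statement only outside a literal."""
    statements, buf, in_quote, i = [], [], False, 0
    while i < len(stream):
        c = stream[i]
        if in_quote and c == "\\" and i + 1 < len(stream):
            buf.append(stream[i:i + 2])
            i += 2
            continue
        if c == "'":
            in_quote = not in_quote
        elif c == ";" and not in_quote:
            statements.append("".join(buf).strip())
            buf = []
            i += 1
            continue
        buf.append(c)
        i += 1
    tail = "".join(buf).strip()
    if tail:
        statements.append(tail)
    return statements


# Constructed sample: one SET expression whose literal exceeds 255 characters,
# followed by two ordinary statements that would come next in the log stream.
SET_EXPRS = [("note", sql_quote("A" * 300))]
FOLLOWING = "INSERT INTO audit VALUES ('ok');\nSELECT 1;"


def demo():
    """Compare what a reader sees for the truncated and the intact rewrite."""
    buggy = rebuild_load_data("/tmp/data.txt", "t", SET_EXPRS, expr_limit=NAME_LIMIT)
    fixed = rebuild_load_data("/tmp/data.txt", "t", SET_EXPRS)
    return {
        "buggy_balanced": quotes_balanced(buggy),
        "fixed_balanced": quotes_balanced(fixed),
        "buggy_statements": split_statements(buggy + ";\n" + FOLLOWING),
        "fixed_statements": split_statements(fixed + ";\n" + FOLLOWING),
    }


if __name__ == "__main__":
    result = demo()
    print("pre-fix rewrite has balanced quotes :", result["buggy_balanced"])
    print("post-fix rewrite has balanced quotes:", result["fixed_balanced"])
    print("statements seen by reader, pre-fix  :", len(result["buggy_statements"]))
    print("statements seen by reader, post-fix :", len(result["fixed_statements"]))
```

With the truncated rewrite the reader never regains the statement boundaries the writer intended: the dropped closing quote flips quote parity for everything that follows, so the three statements collapse into one and the INSERT and SELECT are swallowed into a literal. The `quotes_balanced` check is the kind of cheap invariant a writer can assert on any statement it reconstructs for a log before emitting it.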