server: Correctly handle COM_STMT_EXECUTE without rebind (#984)

* server: Correctly handle COM_STMT_EXECUTE without rebind * update comment

Author: dveeden

server/stmt.go

@@ -155,10 +155,10 @@ func (c *Conn) handleStmtExecute(data []byte) (*mysql.Result, error) {
 pos += paramNum << 1
 
 paramValues = data[pos:]
-}
 
-if err := c.bindStmtArgs(s, nullBitmaps, paramTypes, paramValues); err != nil {
-return nil, errors.Trace(err)
+if err := c.bindStmtArgs(s, nullBitmaps, paramTypes, paramValues); err != nil {
+return nil, errors.Trace(err)
+}
 }
 }
 
@@ -176,6 +176,14 @@ func (c *Conn) handleStmtExecute(data []byte) (*mysql.Result, error) {
 func (c *Conn) bindStmtArgs(s *Stmt, nullBitmap, paramTypes, paramValues []byte) error {
 args := s.Args
 
+// Every param should have a type-and-flag of 2 bytes
+// 0xfe80 == Type 0xfe and Flag 0x80
+// The flag only has one bit and that indicates if it is unsigned or not.
+// Types are 1 byte, but might grow into the 7 unused bits in the future.
+if len(paramTypes)/2 != s.Params {
+return mysql.ErrMalformPacket
+}
+
 pos := 0
 
 var v []byte
@@ -190,7 +198,7 @@ func (c *Conn) bindStmtArgs(s *Stmt, nullBitmap, paramTypes, paramValues []byte)
 }
 
 tp := paramTypes[i<<1]
-isUnsigned := (paramTypes[(i<<1)+1] & 0x80) > 0
+isUnsigned := (paramTypes[(i<<1)+1] & mysql.PARAM_UNSIGNED) > 0
 
 switch tp {
 case mysql.MYSQL_TYPE_NULL: