database-utility
diff --git a/‎mysql-test/suite/innodb/r/partition-blob.result
+14 b/‎mysql-test/suite/innodb/r/partition-blob.result
+14
diff --git a/‎mysql-test/suite/innodb/t/partition-blob.test
+18 b/‎mysql-test/suite/innodb/t/partition-blob.test
+18
diff --git a/‎storage/innobase/handler/ha_innopart.cc
+157-4 b/‎storage/innobase/handler/ha_innopart.cc
+157-4
@@ -0,0 +1,14 @@
+#
+# Bug #20582149 INVALID READ OF SIZE 1 IN PROTOCOL::NET_STORE_DATA
+#
+CREATE TABLE t1 (f1 INT NOT NULL, f2 text,
+PRIMARY KEY(f1)) PARTITION BY KEY() PARTITIONS 4;
+INSERT INTO t1 VALUES(42,'Testing MySQL databases is a cool ');
+INSERT INTO t1 VALUES(2,'Testing MySQL databases is a cool ');
+INSERT INTO t1 VALUES(4,'Testing MySQL databases is a cool ');
+select f1, f2 from t1 order by f1;
+f1	f2
+2	Testing MySQL databases is a cool 
+4	Testing MySQL databases is a cool 
+42	Testing MySQL databases is a cool 
+DROP TABLE IF EXISTS t1;
@@ -0,0 +1,18 @@
+--source include/have_partition.inc
+--source include/have_innodb.inc
+
+--echo #
+--echo # Bug #20582149 INVALID READ OF SIZE 1 IN PROTOCOL::NET_STORE_DATA
+--echo #
+
+CREATE TABLE t1 (f1 INT NOT NULL, f2 text,
+  PRIMARY KEY(f1)) PARTITION BY KEY() PARTITIONS 4;
+
+INSERT INTO t1 VALUES(42,'Testing MySQL databases is a cool ');
+INSERT INTO t1 VALUES(2,'Testing MySQL databases is a cool ');
+INSERT INTO t1 VALUES(4,'Testing MySQL databases is a cool ');
+
+select f1, f2 from t1 order by f1;
+
+DROP TABLE IF EXISTS t1;
+
@@ -710,6 +710,7 @@ ha_innopart::ha_innopart(
 	Partition_helper(this),
 	m_ins_node_parts(),
 	m_upd_node_parts(),
+	m_blob_heap_parts(),
 	m_trx_id_parts(),
 	m_row_read_type_parts(),
 	m_sql_stat_start_parts(),
@@ -1223,6 +1224,9 @@ ha_innopart::open(
 				ut_malloc(sizeof(*m_upd_node_parts)
 					    * m_tot_parts,
 					  mem_key_partitioning));
+
+	alloc_blob_heap_array();
+
 	m_trx_id_parts = static_cast<trx_id_t*>(
 				ut_malloc(sizeof(*m_trx_id_parts)
 					    * m_tot_parts,
@@ -1236,6 +1240,7 @@ ha_innopart::open(
 					  mem_key_partitioning));
 	if (m_ins_node_parts == NULL
 	    || m_upd_node_parts == NULL
+	    || m_blob_heap_parts == NULL
 	    || m_trx_id_parts == NULL
 	    || m_row_read_type_parts == NULL
 	    || m_sql_stat_start_parts == NULL) {
@@ -1356,6 +1361,7 @@ ha_innopart::close()
 		m_part_share = NULL;
 	}
 	clear_ins_upd_nodes();
+	free_blob_heap_array();
 
 	/* Prevent double close of m_prebuilt->table. The real one was done
 	done in m_part_share->close_table_parts(). */
@@ -1408,9 +1414,13 @@ void
 ha_innopart::set_partition(
 	uint	part_id)
 {
+	DBUG_ENTER("ha_innopart::set_partition");
+
+	DBUG_PRINT("ha_innopart", ("partition id: %u", part_id));
+
 	if (part_id >= m_tot_parts) {
 		ut_ad(0);
-		return;
+		DBUG_VOID_RETURN;
 	}
 	if (m_pcur_parts != NULL) {
 		m_prebuilt->pcur = &m_pcur_parts[m_pcur_map[part_id]];
@@ -1421,11 +1431,23 @@ ha_innopart::set_partition(
 	}
 	m_prebuilt->ins_node = m_ins_node_parts[part_id];
 	m_prebuilt->upd_node = m_upd_node_parts[part_id];
+
+#ifdef UNIV_DEBUG
+	if (m_blob_heap_parts[part_id] != NULL) {
+		DBUG_PRINT("ha_innopart", ("validating blob_heap: %p",
+					   m_blob_heap_parts[part_id]));
+		mem_heap_validate(m_blob_heap_parts[part_id]);
+	}
+#endif
+
+	m_prebuilt->blob_heap = m_blob_heap_parts[part_id];
 	m_prebuilt->trx_id = m_trx_id_parts[part_id];
 	m_prebuilt->row_read_type = m_row_read_type_parts[part_id];
 	m_prebuilt->sql_stat_start = get_bit(m_sql_stat_start_parts, part_id);
 	m_prebuilt->table = m_part_share->get_table_part(part_id);
 	m_prebuilt->index = innopart_get_index(part_id, active_index);
+
+	DBUG_VOID_RETURN;
 }
 
 /** Update active partition.
@@ -1435,17 +1457,31 @@ void
 ha_innopart::update_partition(
 	uint	part_id)
 {
+	DBUG_ENTER("ha_innopart::update_partition");
+	DBUG_PRINT("ha_innopart", ("partition id: %u", part_id));
+
 	if (part_id >= m_tot_parts) {
 		ut_ad(0);
-		return;
+		DBUG_VOID_RETURN;
 	}
 	m_ins_node_parts[part_id] = m_prebuilt->ins_node;
 	m_upd_node_parts[part_id] = m_prebuilt->upd_node;
+
+#ifdef UNIV_DEBUG
+	if (m_prebuilt->blob_heap != NULL) {
+		DBUG_PRINT("ha_innopart", ("validating blob_heap: %p",
+					   m_prebuilt->blob_heap));
+		mem_heap_validate(m_prebuilt->blob_heap);
+	}
+#endif
+
+	m_blob_heap_parts[part_id] = m_prebuilt->blob_heap;
 	m_trx_id_parts[part_id] = m_prebuilt->trx_id;
 	m_row_read_type_parts[part_id] = m_prebuilt->row_read_type;
 	update_bit(m_sql_stat_start_parts, part_id,
 			m_prebuilt->sql_stat_start == 0 ? false : true);
 	m_last_part = part_id;
+	DBUG_VOID_RETURN;
 }
 
 /** Save currently highest auto increment value.
@@ -1640,13 +1676,15 @@ ha_innopart::index_end()
 {
 	uint	part_id = m_part_info->get_first_used_partition();
 	DBUG_ENTER("ha_innopart::index_end");
+
 	if (part_id == MY_BIT_NONE) {
 		/* Never initialized any index. */
 		DBUG_RETURN(0);
 	}
 	if (m_ordered) {
 		destroy_record_priority_queue();
 	}
+
 	DBUG_RETURN(ha_innobase::index_end());
 }
 
@@ -1943,10 +1981,13 @@ ha_innopart::index_first_in_part(
 	uchar*	record)
 {
 	int	error;
+	DBUG_ENTER("ha_innopart::index_first_in_part");
+
 	set_partition(part);
 	error = ha_innobase::index_first(record);
 	update_partition(part);
-	return(error);
+
+	DBUG_RETURN(error);
 }
 
 /** Return next record in index from a partition.
@@ -1958,7 +1999,11 @@ ha_innopart::index_next_in_part(
 	uint	part,
 	uchar*	record)
 {
+	DBUG_ENTER("ha_innopart::index_next_in_part");
+
 	int	error;
+
+	clear_blob_heap_part(part);
 	set_partition(part);
 	error = ha_innobase::index_next(record);
 	update_partition(part);
@@ -1980,7 +2025,7 @@ ha_innopart::index_next_in_part(
 		m_prebuilt->n_rows_fetched = 0;
 	}
 
-	return(error);
+	DBUG_RETURN(error);
 }
 
 /** Return next same record in index from a partition.
@@ -1999,6 +2044,9 @@ ha_innopart::index_next_same_in_part(
 	uint		length)
 {
 	int	error;
+
+	clear_blob_heap_part(part);
+
 	set_partition(part);
 	error = ha_innobase::index_next_same(record, key, length);
 	update_partition(part);
@@ -2015,6 +2063,7 @@ ha_innopart::index_last_in_part(
 	uchar*	record)
 {
 	int	error;
+
 	set_partition(part);
 	error = ha_innobase::index_last(record);
 	update_partition(part);
@@ -2031,6 +2080,9 @@ ha_innopart::index_prev_in_part(
 	uchar*	record)
 {
 	int	error;
+
+	clear_blob_heap_part(part);
+
 	set_partition(part);
 	error = ha_innobase::index_prev(record);
 	update_partition(part);
@@ -2072,6 +2124,7 @@ ha_innopart::index_read_map_in_part(
 	enum ha_rkey_function	find_flag)
 {
 	int	error;
+
 	set_partition(part);
 	error = ha_innobase::index_read_map(
 			record,
@@ -2102,6 +2155,7 @@ ha_innopart::index_read_idx_map_in_part(
 	enum ha_rkey_function	find_flag)
 {
 	int	error;
+
 	set_partition(part);
 	error = ha_innobase::index_read_idx_map(
 			record,
@@ -2200,6 +2254,8 @@ ha_innopart::read_range_next_in_part(
 {
 	int	error;
 	uchar*	read_record = record;
+
+	clear_blob_heap_part(part);
 	set_partition(part);
 	if (read_record == NULL) {
 		read_record = table->record[0];
@@ -2253,6 +2309,8 @@ ha_innopart::rnd_init_in_part(
 {
 	int	err;
 
+	clear_blob_heap_part(part_id);
+
 	if (m_prebuilt->clust_index_was_generated) {
 		err = change_active_index(part_id, MAX_KEY);
 	} else {
@@ -2280,6 +2338,9 @@ ha_innopart::rnd_end_in_part(
 	uint	part_id,
 	bool	scan)
 {
+
+	m_prebuilt->blob_heap = NULL;
+
 	return(index_end());
 }
 
@@ -2298,6 +2359,7 @@ ha_innopart::rnd_next_in_part(
 
 	DBUG_ENTER("ha_innopart::rnd_next_in_part");
 
+	clear_blob_heap_part(part_id);
 	set_partition(part_id);
 	if (m_start_of_scan) {
 		error = ha_innobase::index_first(buf);
@@ -2338,6 +2400,7 @@ ha_innopart::rnd_pos(
 
 	/* Restore used partition. */
 	part_id = uint2korr(pos);
+
 	set_partition(part_id);
 
 	/* Note that we assume the length of the row reference is fixed
@@ -4166,6 +4229,96 @@ ha_innopart::write_row_in_new_part(
 	DBUG_RETURN(result);
 }
 
+/** Allocate the array to hold blob heaps for all partitions */
+mem_heap_t**
+ha_innopart::alloc_blob_heap_array()
+{
+	DBUG_ENTER("ha_innopart::alloc_blob_heap_array");
+
+	const ulint	len = sizeof(mem_heap_t*) * m_tot_parts;
+	m_blob_heap_parts = static_cast<mem_heap_t**>(
+		ut_malloc(len, mem_key_partitioning));
+	if (m_blob_heap_parts == NULL) {
+		DBUG_RETURN(NULL);
+	}
+	memset(m_blob_heap_parts, 0, len);
+
+	DBUG_RETURN(m_blob_heap_parts);
+}
+
+/** Free the array that holds blob heaps for all partitions */
+void
+ha_innopart::free_blob_heap_array()
+{
+	DBUG_ENTER("ha_innopart::free_blob_heap_array");
+
+	if (m_blob_heap_parts != NULL) {
+		clear_blob_heaps();
+		ut_free(m_blob_heap_parts);
+		m_blob_heap_parts = NULL;
+	}
+
+	DBUG_VOID_RETURN;
+}
+
+/** Clear the blob heap for the given partition */
+void
+ha_innopart::clear_blob_heap_part(uint part_id)
+{
+	DBUG_ENTER("ha_innopart::clear_blob_heap_part");
+	DBUG_PRINT("ha_innopart", ("partition id: %u", part_id));
+
+
+	if (m_blob_heap_parts != NULL
+	    && m_blob_heap_parts[part_id] != NULL) {
+
+		DBUG_PRINT("ha_innopart", ("freeing blob_heap: %p",
+					   m_blob_heap_parts[part_id]));
+		mem_heap_free(m_blob_heap_parts[part_id]);
+		m_blob_heap_parts[part_id] = NULL;
+
+	}
+
+	m_prebuilt->blob_heap = NULL;
+
+	DBUG_VOID_RETURN;
+}
+
+void
+ha_innopart::clear_blob_heaps()
+{
+	DBUG_ENTER("ha_innopart::clear_blob_heaps");
+
+	if (m_blob_heap_parts == NULL) {
+		DBUG_VOID_RETURN;
+	}
+
+	for (uint i = 0; i < m_tot_parts; i++) {
+		if (m_blob_heap_parts[i] != NULL) {
+			DBUG_PRINT("ha_innopart", ("freeing blob_heap: %p",
+						   m_blob_heap_parts[i]));
+			mem_heap_free(m_blob_heap_parts[i]);
+			m_blob_heap_parts[i] = NULL;
+		}
+	}
+
+	m_prebuilt->blob_heap = NULL;
+
+	DBUG_VOID_RETURN;
+}
+
+/** Reset state of file to after 'open'. This function is called
+after every statement for all tables used by that statement. */
+int
+ha_innopart::reset()
+{
+	DBUG_ENTER("ha_innopart::reset");
+
+	clear_blob_heaps();
+
+	DBUG_RETURN(ha_innobase::reset());
+}
+
 /****************************************************************************
  * DS-MRR implementation
  ***************************************************************************/