1. 02 Jul, 2010 1 commit
  2. 28 Jun, 2010 1 commit
    • Davi Arnaut's avatar
      Bug#54041: MySQL 5.0.92 fails when tests from Connector/C suite run · 07767edc
      Davi Arnaut authored
      The problem was that a user could supply supply data in chunks
      via the COM_STMT_SEND_LONG_DATA command to prepared statement
      parameter other than of type TEXT or BLOB. This posed a problem
      since other parameter types aren't setup to handle long data,
      which would lead to a crash when attempting to use the supplied
      data.
      
      Given that long data can be supplied at any stage of a prepared
      statement, coupled with the fact that the type of a parameter
      marker might change between consecutive executions, the solution
      is to validate at execution time each parameter marker for which
      a data stream was provided. If the parameter type is not TEXT or
      BLOB (that is, if the type is not able to handle a data stream),
      a error is returned.
      07767edc
  3. 17 Jun, 2010 1 commit
    • Joerg Bruehe's avatar
      Bug#54590 "make_binary_distribution" fails because a command · d4c4bd6e
      Joerg Bruehe authored
                 line exceeds the limit
      
      The number and/or names of our files for the main test suite
      (contents of "mysql-test/t/") now exceeds the command line
      length limit on AIX.
      Solve the problem by using separate "cp" commands for the
      various file name extensions.
      d4c4bd6e
  4. 15 Jun, 2010 1 commit
  5. 14 Jun, 2010 1 commit
  6. 10 Jun, 2010 1 commit
  7. 08 Jun, 2010 3 commits
  8. 07 Jun, 2010 1 commit
  9. 04 Jun, 2010 1 commit
    • Georgi Kodinov's avatar
      Bug #52315: utc_date() crashes when system time > year 2037 · 5321e49d
      Georgi Kodinov authored
                  
      Some of the server implementations don't support dates later
      than 2038 due to the internal time type being 32 bit.
      Added checks so that the server will refuse dates that cannot
      be handled by either throwing an error when setting date at 
      runtime or by refusing to start or shutting down the server if 
      the system date cannot be stored in my_time_t.
      5321e49d
  10. 02 Jun, 2010 1 commit
  11. 01 Jun, 2010 1 commit
  12. 25 May, 2010 3 commits
  13. 19 May, 2010 1 commit
  14. 11 May, 2010 1 commit
    • Martin Hansson's avatar
      Bug#48157: crash in Item_field::used_tables · 27ac666f
      Martin Hansson authored
            
      MySQL handles the join syntax "JOIN ... USING( field1,
      ... )" and natural joins by building the same parse tree as
      a corresponding join with an "ON t1.field1 = t2.field1 ..."
      expression would produce. This parse tree was not cleaned up
      properly in the following scenario. If a thread tries to
      lock some tables and finds that the tables were dropped and
      re-created while waiting for the lock, it cleans up column
      references in the statement by means a per-statement free
      list. But if the statement was part of a stored procedure,
      column references on the stored procedure's free list
      weren't cleaned up and thus contained pointers to freed
      objects.
            
      Fixed by adding a call to clean up the current prepared
      statement's free list.
      
      This is a backport from MySQL 5.1
      27ac666f
  15. 06 May, 2010 1 commit
    • Martin Hansson's avatar
      Bug#52357: Assertion failed: join->best_read in · 4e75f7c0
      Martin Hansson authored
      greedy_search optimizer_search_depth=0
      
      The algorithm inside restore_prev_nj_state failed to
      properly update the counters within the NESTED_JOIN
      tree. The counter was decremented each time a table in the
      node was removed from the QEP, the correct thing to do being
      only to decrement it when the last table in the child node
      was removed from the plan. This lead to node counters
      getting negative values and the plan thus appeared
      impossible. An assertion caught this.
      
      Fixed by not recursing up the tree unless the last table in
      the join nest node is removed from the plan
      4e75f7c0
  16. 05 May, 2010 3 commits
    • Sunanda Menon's avatar
      ------------------------------------------------------------ · f80a925e
      Sunanda Menon authored
      revno: 2861
      committer: Georgi Kodinov <joro@sun.com>
      branch nick: B53371-5.0-bugteam
      timestamp: Mon 2010-05-03 18:16:51 +0300
      message:
        Bug #53371: COM_FIELD_LIST can be abused to bypass table level grants.
        
        The server was not checking the supplied to COM_FIELD_LIST table name
        for validity and compliance to acceptable table names standards.
        Fixed by checking the table name for compliance similar to how it's 
        normally checked by the parser and returning an error message if 
        it's not compliant.
      f80a925e
    • Georgi Kodinov's avatar
      merge · 9be68169
      Georgi Kodinov authored
      9be68169
    • Georgi Kodinov's avatar
      tree name change · 7701bfc2
      Georgi Kodinov authored
      7701bfc2
  17. 03 May, 2010 2 commits
  18. 01 May, 2010 1 commit
  19. 29 Apr, 2010 2 commits
    • Davi Arnaut's avatar
      Bug#50974: Server keeps receiving big (> max_allowed_packet) packets indefinitely. · 14ccbeb4
      Davi Arnaut authored
      The server could be tricked to read packets indefinitely if it
      received a packet larger than the maximum size of one packet.
      This problem is aggravated by the fact that it can be triggered
      before authentication.
      
      The solution is to no skip big packets for non-authenticated
      sessions. If a big packet is sent before a session is authen-
      ticated, a error is returned and the connection is closed.
      14ccbeb4
    • Ramil Kalimullin's avatar
      Fix for bug #53237: mysql_list_fields/COM_FIELD_LIST stack smashing · 933e5ca5
      Ramil Kalimullin authored
      Problem: "COM_FIELD_LIST is an old command of the MySQL server, before there was real move to only
      SQL. Seems that the data sent to COM_FIELD_LIST( mysql_list_fields() function) is not
      checked for sanity. By sending long data for the table a buffer is overflown, which can
      be used deliberately to include code that harms".
      
      Fix: check incoming data length.
      933e5ca5
  20. 26 Apr, 2010 1 commit
    • Alexey Kopytov's avatar
      Backport of the fix for bug #50335 to 5.0. · 1a1fd04d
      Alexey Kopytov authored
      The problem was in an incorrect debug assertion. The expression
      used in the failing assertion states that when finding
      references matching ORDER BY expressions, there can be only one
      reference to a single table. But that does not make any sense,
      all test cases for this bug are valid examples with multiple
      identical WHERE expressions referencing the same table which
      are also present in the ORDER BY list.
      
      Fixed by removing the failing assertion. We also have to take
      care of the 'found' counter so that we count multiple
      references only once. We rely on this fact later in
      eq_ref_table().
      1a1fd04d
  21. 06 Apr, 2010 2 commits
  22. 30 Mar, 2010 1 commit
  23. 26 Mar, 2010 1 commit
  24. 24 Mar, 2010 1 commit
    • Sergey Glukhov's avatar
      Bug#48483 crash in get_best_combination() · 658cf9e4
      Sergey Glukhov authored
      The crash happens because greedy_serach
      can not determine best plan due to
      wrong inner table dependences. These
      dependences affects join table sorting
      which performs before greedy_search starting.
      In our case table which has real 'no dependences'
      should be put on top of the list but it does not
      happen as inner tables have no dependences as well.
      The fix is to exclude RAND_TABLE_BIT mask from
      condition which checks if table dependences
      should be updated.
      658cf9e4
  25. 10 Mar, 2010 4 commits
  26. 08 Mar, 2010 1 commit
    • Georgi Kodinov's avatar
      Backport of the fix for bug #51357 to 5.0-bugteam.: · 63605817
      Georgi Kodinov authored
      Spatial indexes were not checking for out-of-record condition in
      the handler next command when the previous command didn't found
      rows.
      
      Fixed by making the rtree index to check for end of rows condition
      before re-using the key from the previous search.
      
      Fixed another crash if the tree has changed since the last search.
      Added a test case for the other error.
      63605817
  27. 04 Mar, 2010 2 commits