- 18 Jul, 2011 4 commits
-
-
Tor Didriksen authored
mysql-test/r/type_float.result: New test case. mysql-test/t/type_float.test: New test case. sql/item_strfunc.cc: There was a buffer over/under-run when inserting decimal point into an empty string.
-
Tor Didriksen authored
-
Tor Didriksen authored
-
Tor Didriksen authored
-
- 15 Jul, 2011 4 commits
-
-
Tor Didriksen authored
-
Tor Didriksen authored
-
Tor Didriksen authored
The buffer was simply too small. In 5.5 and trunk, the size is 311 + 31, in 5.1 and below, the size is 331 client/sql_string.cc: Increase buffer size in String::set(double, ...) include/m_string.h: Increase FLOATING_POINT_BUFFER mysql-test/r/type_float.result: New test cases. mysql-test/t/type_float.test: New test cases. sql/sql_string.cc: Increase buffer size in String::set(double, ...) sql/unireg.h: Move definition of FLOATING_POINT_BUFFER
-
Davi Arnaut authored
non-latin1 server error message The problem was a one byte buffer overflow in the conversion of a error message between character sets. Ahead of explaining the problem further, some background information. Before an error message is sent to the user, the message is converted to the character set specified in the character_set_results variable. For various reasons, this conversion might cause the message to increase in length -- for example, if certain characters can't be represented in the result character set. If the final message length is greater than the maximum allowed length of a error message (MYSQL_ERRMSG_SIZE), the message is truncated. The message is also always null-terminated regardless of the character set. The problem arises from this null-termination. If a message length reached the maximum, the terminating null character would be placed one byte past the end of the message buffer. The solution is to reserve the end of the message buffer for the null character. mysql-test/t/ctype_errors.test: Add test case for Bug#12736295. sql/sql_error.cc: The to_end pointer was actually pointing past the end of the buffer. Since the message is always null terminated, point to_end to the last position of the buffer.
-
- 11 Jul, 2011 2 commits
-
-
Tor Didriksen authored
-
Tor Didriksen authored
We must allocate a larger ref_pointer_array. We failed to account for extra items allocated here: #0 find_order_in_list uint el= all_fields.elements; all_fields.push_front(order_item); /* Add new field to field list. */ ref_pointer_array[el]= order_item; order->item= ref_pointer_array + el; #1 setup_order #2 setup_without_group #3 JOIN::prepare mysql-test/r/order_by.result: New test case. mysql-test/r/union.result: New test case. mysql-test/t/order_by.test: New test case. mysql-test/t/union.test: New test case. sql/sql_lex.cc: find_order_in_list() may need some extra space, so multiply og_num by two. sql/sql_union.cc: For UNION, the 'n_sum_items' are accumulated in the "global_parameters" select_lex. This number must be propagated to setup_ref_array() When preparing a 'fake_select_lex' we need to use global_parameters->order_list rather than fake_select_lex->order_list (see comments inside st_select_lex_unit::cleanup)
-
- 07 Jul, 2011 6 commits
-
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-
- 06 Jul, 2011 1 commit
-
-
Sunanda Menon authored
-
- 05 Jul, 2011 2 commits
-
-
unknown authored
-
Karen Langford authored
-
- 04 Jul, 2011 1 commit
-
-
Jon Olav Hauglid authored
-
- 03 Jul, 2011 2 commits
-
-
Kent Boortz authored
-
Kent Boortz authored
-
- 01 Jul, 2011 2 commits
-
-
Karen Langford authored
-
Karen Langford authored
-
- 30 Jun, 2011 3 commits
-
-
Kent Boortz authored
-
Kent Boortz authored
-
Kent Boortz authored
-
- 29 Jun, 2011 1 commit
-
-
Vasil Dimov authored
Update copyright comment in innochecksum.
-
- 21 Jun, 2011 1 commit
-
-
Alexander Nozdrin authored
OLD VALUE OF INPUT PARAMETER. The user-visible problem was that CASE-control-flow function (not CASE-statement) misbehaved in stored routines under some circumstances. The problem resulted in a crash or wrong data returned. The error happened when expressions in CASE-function were not of the same character set. A CASE-function should return values of the same character set for all branches. Internally, that means a new Item-instance for the CONVERT(... USING <some charset>)-function is added to the item tree when needed. The problem was that such changes were not properly recorded using THD::change_item_tree(), thus dangling pointers remain in the item tree after THD::rollback_item_tree_changes(), which lead to undefined behavior (i.e. crash / wrong data) for subsequent executions of the stored routine. This bug was introduced by a patch for Bug 11753363 (44793 - CHARACTER SETS: CASE CLAUSE, UCS2 OR UTF32, FAILURE). The fixed function is Item_func_case::fix_length_and_dec(). New CONVERT-items are added in agg_item_set_converter(), which calls THD::change_item_tree(). The problem was that an intermediate array was passed to agg_item_set_converter(). Thus, THD::change_item_tree() there was called on intermediate objects. Note: those intermediate objects are allocated on THD's memory root, so it's Ok to put them into "changed item lists". The fix is to track changes on the correct objects.
-
- 16 Jun, 2011 7 commits
-
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-
Jorgen Loland authored
UPDATED TWICE For multi update it is not allowed to update a column of a table if that table is accessed through multiple aliases and either 1) the updated column is used as partitioning key 2) the updated column is part of the primary key and the primary key is clustered This check is done in unsafe_key_update(). The bug was that for case 2), it was checked whether updated_column_number == table_share->primary_key However, the primary_key variable is the index number of the primary key, not a column number. Prior to this bugfix, the first column was wrongly believed to be the primary key. The columns covered by an index is found in table->key_info[idx_number]->key_part. The bugfix is to check if any of the columns in the keyparts of the primary key are updated. The user-visible effect is that for storage engines with clustered primary key (e.g. InnoDB but not MyISAM) queries like "UPDATE t1 AS A JOIN t2 AS B SET A.primkey=..." will now error with "ERROR HY000: Primary key/partition key update is not allowed since the table is updated both as 'A' and 'B'." instead of "ERROR 1032 (HY000): Can't find record in 't1_tb'" even if primkey is not the first column in the table. This was the intended behavior of bugfix 11764529. mysql-test/r/multi_update.result: Add test for bug#11882110 mysql-test/r/multi_update_innodb.result: Add test for bug#11882110 mysql-test/t/multi_update.test: Add test for bug#11882110 mysql-test/t/multi_update_innodb.test: Add test for bug#11882110 sql/sql_update.cc: unsafe_key_update() wrongly checked if the primary key index number was the same as updated column number. Now it is checked whether any of the columns making up the primary key is updated. sql/table.h: Fix comment on TABLE_SHARE::primary_key. Incorrect comment was introduced by an earlier merge conflict (as per dlenev)
-
Vinay Fisrekar authored
-
- 15 Jun, 2011 4 commits
-
-
Dmitry Shulga authored
can't parse relative paths "higher" than 3 levels up When trying to LOAD DATA LOCAL INFILE using a relative path with 3 or more levels up in the directory hierarchy, mysqld wrongly parses the path and as a consequence, can't find the file. This bug was introduced by patch for bug#58205. The reason for bug is that implementaiton of function cleanup_dirname() doesn't take into account the begin of buffer being processed during handling of path to file. mysys/mf_pack.c: function cleanup_dirname() was modified: fixed wrong comparison condition when handling substring "../" at the begining of the buffer.
-
Marko Mäkelä authored
-
Marko Mäkelä authored
Some ut_a(!rec_offs_any_null_extern()) assertion failures are indicating genuine BLOB bugs, others are bogus failures when rolling back incomplete transactions at crash recovery. This needs more work, and until I get a chance to work on it, other testing must not be disrupted by this.
-
Anitha Gopi authored
-