1. 17 Oct, 2008 2 commits
  2. 16 Oct, 2008 7 commits
  3. 15 Oct, 2008 2 commits
  4. 14 Oct, 2008 1 commit
  5. 10 Sep, 2008 4 commits
  6. 09 Sep, 2008 7 commits
    • Ramil Kalimullin's avatar
      Merge · 58a5d735
      Ramil Kalimullin authored
      58a5d735
    • Ramil Kalimullin's avatar
      Merge · eb2794d4
      Ramil Kalimullin authored
      eb2794d4
    • Martin Hansson's avatar
      Bug#35600: Auto merged. · cfd4c976
      Martin Hansson authored
      cfd4c976
    • Ramil Kalimullin's avatar
      Fix for bug#37526: asymertic operator <=> in trigger · 776793a9
      Ramil Kalimullin authored
      Problem: <=> operator may return wrong results 
      comparing NULL and a DATE/DATETIME/TIME value.
      
      Fix: properly check NULLs.
      
      
      mysql-test/r/type_datetime.result:
        Fix for bug#37526: asymertic operator <=> in trigger
          - test result.
      mysql-test/t/type_datetime.test:
        Fix for bug#37526: asymertic operator <=> in trigger
          - test case.
      sql/item_cmpfunc.cc:
        Fix for bug#37526: asymertic operator <=> in trigger
          - if is_nulls_eq is TRUE Arg_comparator::compare_datetime() 
        should return 1 only if both arguments are NULL.
      776793a9
    • Mats Kindahl's avatar
      Merging with 5.1-5.1.29-rc · ac1bcc20
      Mats Kindahl authored
      ac1bcc20
    • Martin Hansson's avatar
      Bug#35600: Security breach via view, I_S table and prepared · c0cfce21
      Martin Hansson authored
      statement/stored procedure
      
      View privileges are properly checked after the fix for bug no 
      36086, so the method TABLE_LIST::get_db_name() must be used 
      instead of field TABLE_LIST::db, as this only works for tables.
      Bug appears when accessing views in prepared statements.
      
      mysql-test/r/view_grant.result:
        Bug#35600: Extended existing test case.
      mysql-test/t/view_grant.test:
        Bug#35600: Extended existing test result.
      sql/sql_parse.cc:
        Bug#35600: Using method to retrieve database name instead of
        field.
      c0cfce21
    • Mats Kindahl's avatar
      Bug #39106: · 589355f0
      Mats Kindahl authored
      SUPER is not required to change binlog format for session
      
      A user without SUPER privileges can change the value of the
      session variable BINLOG_FORMAT, causing problems for a DBA.
      
      This changeset requires a user to have SUPER privileges to
      change the value of the session variable BINLOG_FORMAT, and
      not only the global variable BINLOG_FORMAT.
      
      
      mysql-test/suite/binlog/t/binlog_grant.test:
        Adding test to test grants needed for SQL_LOG_BIN and BINLOG_FORMAT.
      sql/set_var.cc:
        Adding code to check that user has SUPER permission
        needed to change the value of BINLOG_FORMAT.
      sql/set_var.h:
        Adding function sys_var_thd_binlog_format::check()
      589355f0
  7. 08 Sep, 2008 4 commits
  8. 05 Sep, 2008 9 commits
    • Georgi Kodinov's avatar
      Bug #38701: Crash in String::append when inserting duplicate empty strings an uft8 · cc26bc94
      Georgi Kodinov authored
      SET col
                        
      When reporting a duplicate key error the server was making incorrect assumptions 
      on what the state of the value string to include in the error is.
      
      Fixed by accessing the data in this string in a "safe" way (without relying on it
      having a terminating 0).
            
      Detected by code analysis and fixed a similar problem in reporting the foreign key
      duplicate errors.
      
      mysql-test/r/type_set.result:
        Bug #38701: test case
      mysql-test/t/type_set.test:
        Bug #38701: test case
      sql/handler.cc:
        Bug #38701: don't rely on the presence of a terminating 0 in the string
      cc26bc94
    • Narayanan V's avatar
      updating server version number · 860f74a8
      Narayanan V authored
      configure.in:
        change server version number to 5.1.29
      860f74a8
    • Narayanan V's avatar
      WL#4380: abi_check rule (using gcc -E) for storage engine API · 16291bfd
      Narayanan V authored
      Added a rule that uses gcc to generate preprocessor
      output (gcc -E) that can be compared to an already
      generated output using the diff utility.
      
      icheck has been removed and replaced by gcc -E
      because icheck does not support C++.
      
      Makefile.am:
        Added a rule for checking that the abi/api
        has not changed.
        
        The following rules are followed in the rule in makefile.am
        
        1) Generate preprocessor output for the
           files that need to be tested for abi/ 
           api changes. use -nostdinc to prevent
           generation of preprocessor output for
           system headers. This results in
           messages in stderr saying that these
           headers were not found. Redirect the
           stderr output to /dev/null to prevent
           seeing these messages.
        2) sed the output to 
           2.1) remove blank lines and lines that
                begin with "# "
           2.2) When gcc -E is run on the Mac OS 
                and solaris sparc platforms it
                introduces a line of output that
                shows up as a difference between
                the .pp and .out files. Remove
                these OS specific preprocessor
                text inserted by the preprocessor.
        3) diff the generated file and the canons
           (.pp files already in the repository).
        4) delete the .out file that is generated.
           If the diff fails, the generated file 
           is not removed. This will be useful
           for analysis of ABI differences (e.g.
           using a visual diff tool).
        
        A ABI change that causes a build to fail will always be accompanied by new canons (.out files). The .out files that are not removed will be replaced as the new .pp files.
        
        e.g. If include/mysql/plugin.h has an ABI
             change then this rule would leave a
             <build directory>/abi_check.out file.
        
        A developer with a justified API change will then do a 
        
        mv <build directory>/abi_check.out include/mysql/plugin.pp 
        
        to replace the old canons with the new ones.
      configure.in:
        1) Removed the part of the file that was
           icheck related
        2) Added an entry for the configure
           variable DIFF
        3) Ensured that the abi_check rule is run
           only if gcc is available
      include/Makefile.am:
        1) Removed the icheck related entries
      include/mysql.h.pp:
        The pre-processor output cannon file for
        include/mysql.h
      include/mysql/plugin.h.pp:
        The pre-processor output cannon file
        for include/mysql/plugin.h
      include/mysql_h.ic:
        Removed the cannon file related to icheck.
      sql/mysql_priv.h.pp:
        The pre-processor output cannon file for
        sql/mysql_priv.h
      16291bfd
    • Georgi Kodinov's avatar
      merged 5.1-main -> 5.1-bugteam · ccfceec1
      Georgi Kodinov authored
      ccfceec1
    • Evgeny Potemkin's avatar
      Bug#37908: Skipped access right check caused server crash. · 1588c116
      Evgeny Potemkin authored
            
      The check_table_access function initializes per-table grant info and performs
      access rights check. It wasn't called for SHOW STATUS statement thus left
      grants info uninitialized. In some cases this led to server crash. In other
      cases it allowed a user to check for presence/absence of arbitrary values in
      any tables.
            
      Now the check_table_access function is called prior to the statement
      processing.
      
      
      mysql-test/r/status.result:
        Added a test case for the bug#37908.
      mysql-test/t/status.test:
        Added a test case for the bug#37908.
      sql/sql_parse.cc:
        Bug#37908: Skipped access right check caused server crash.
        Now the check_table_access function is called when the SHOW STATUS statement
        uses any table except information.STATUS.
      sql/sql_yacc.yy:
        Bug#37908: Skipped access right check caused server crash.
        For the SHOW PROCEDURE/FUNCTION STATUS the 'mysql.proc' table isn't added
        to the table list anymore as there is no need.
      1588c116
    • Ramil Kalimullin's avatar
      After-merge fix. · bf2f3680
      Ramil Kalimullin authored
      bf2f3680
    • Ramil Kalimullin's avatar
      Merge · bef0ee99
      Ramil Kalimullin authored
      bef0ee99
    • Ramil Kalimullin's avatar
      Fix for bug #39021: SELECT REGEXP BINARY NULL never returns · 788be2ae
      Ramil Kalimullin authored
      Problem: SELECT ... REGEXP BINARY NULL may lead to server crash/hang.
      
      Fix: properly handle NULL regular expressions.
      
      
      mysql-test/r/func_regexp.result:
        Fix for bug #39021: SELECT REGEXP BINARY NULL never returns
          - test result.
      mysql-test/t/func_regexp.test:
        Fix for bug #39021: SELECT REGEXP BINARY NULL never returns
          - test case.
      sql/item_cmpfunc.cc:
        Fix for bug #39021: SELECT REGEXP BINARY NULL never returns
          - checking regular expressions' null_value
        we tested it without a val_xxx() call before, which is wrong.
        Now Item_func_regex::regcomp() returns -1 in the case
        and allows to handle NULL expessions properly.
      sql/item_cmpfunc.h:
        Fix for bug #39021: SELECT REGEXP BINARY NULL never returns
          - checking regular expressions' null_value
        we tested it without a val_xxx() call before, which is wrong.
        Now Item_func_regex::regcomp() returns -1 in the case
        and allows to handle NULL expessions properly.
      788be2ae
    • Ramil Kalimullin's avatar
      Merge · bcbff0b9
      Ramil Kalimullin authored
      bcbff0b9
  9. 04 Sep, 2008 1 commit
  10. 03 Sep, 2008 3 commits
    • Mats Kindahl's avatar
      BUG#32709: Assertion failed: trx_data->empty(), file log.cc · dbbb48c3
      Mats Kindahl authored
      Incremental fixes: updating a comment and fixing a result file.
      
      sql/sql_class.h:
        Changing comment.
      dbbb48c3
    • Mats Kindahl's avatar
      Bug #32709: Assertion failed: trx_data->empty(), file log.cc · 02a43540
      Mats Kindahl authored
      The assertion indicates that some data was left in the transaction
      cache when the server was shut down, which means that a previous
      statement did not commit or rollback correctly.
      
      What happened was that a bug in the rollback of a transactional
      table caused the transaction cache to be emptied, but not reset.
      The error can be triggered by having a failing UPDATE or INSERT,
      on a transactional table, causing an implicit rollback.
      
      Fixed by always flushing the pending event to reset the state
      properly.
      
      
      mysql-test/extra/rpl_tests/rpl_row_basic.test:
        Testing that a failed update (that writes some rows to the
        transaction cache) does not cause the transaction cache to
        hold on to the data or forget to reset the transaction cache.
      sql/log.cc:
        Added call to remove pending event when the transaction cache
        is emptied instead of written to binary log. The call will also
        clear the outstanding table map count so that the cache is not
        left it in a state of "empty but not reset".
        
        Added function MYSQL_BIN_LOG::remove_pending_rows_event().
      sql/log.h:
        Added function MYSQL_BIN_LOG::remove_pending_rows_event().
      sql/sql_class.cc:
        Adding function THD::binlog_remove_pending_rows_event().
      sql/sql_class.h:
        Adding function THD::binlog_remove_pending_rows_event().
      02a43540
    • Martin Hansson's avatar
      Bug#36086: SELECT * from views don't check column grants · 3bad2119
      Martin Hansson authored
      This patch also fixes bugs 36963 and 35600.
                            
      - In many places a view was confused with an anonymous derived
        table, i.e. access checking was skipped. Fixed by introducing a
        predicate to tell the difference between named and anonymous
        derived tables.
                            
      - When inserting fields for "SELECT * ", there was no 
        distinction between base tables and views, where one should be
        made. View privileges are checked elsewhere.
      
      mysql-test/include/grant_cache.inc:
        Bug#36086: Changed test case.
      mysql-test/r/grant2.result:
        Bug#36086: Changed test result.
      mysql-test/r/grant_cache_no_prot.result:
        Bug#36086: Changed test result.
      mysql-test/r/grant_cache_ps_prot.result:
        Bug#36086: Changed test result.
      mysql-test/r/view_grant.result:
        Bug#36086: Test result.
      mysql-test/t/grant2.test:
        Bug#36086: Changed test case.
      mysql-test/t/view_grant.test:
        Bug#36086: Test case.
      sql/item.cc:
        Bug#36086: Replaced conditional with new methods.
      sql/sql_acl.cc:
        Bug no 35600: 
        In mysql_table_grant:
          Replaced conditional with the new accessor method.
        
        In check_grant:
         - Changed the requirement table->derived != null to 
           checking all anonymous derived tables.
         - Use of the accessor methods for getting object and database 
           names.
            
        Bug#36086: In check_grant_all_columns:
          - Updated comment. This function is now called for views
            as well.
          - The error message should not disclose any column names 
            unless the user has privilege to see all column names.
          - Changed names of Field_iterator_table_ref methods.
      sql/sql_base.cc:
        Bug no 36963: In insert_fields()
          - Commented.
          - We should call check_grant_all_columns() for views in  
            this case.        
          - Changed names of Field_iterator_table_ref methods.
          - We should not disclose column names in the error message
            when the user has no approprate privilege.
      sql/sql_cache.cc:
        Bug#36086: Replaced test with new predicate method.
      sql/sql_derived.cc:
        Bug#36086: commenting only. Updated and doxygenated
        comment for mysql_derived_prepare().
      sql/sql_parse.cc:
        Bug no 35600: 
        - In check_single_table_access:
          Due to the bug, check_grant would raise an error for a
          SHOW CREATE TABLE command for a TEMPTABLE view. It should in
          fact not be be invoked in this case. This table privilege
          is checked already.
          There is a test case for this in information_schema_db.test.
            
        - In check_access: replaced table->derived
      sql/table.cc:
        Bug#36086: 
        
        - In TABLE_LIST::set_underlying_merge(): 
          Commenting only. Doxygenated, corrected spelling,
          added.
        
        - Renamed table_name() and db_name() methods of 
          Field_iterator_table_ref in order to be consistent
          with new methods in TABLE_LIST.
      sql/table.h:
        Bug#36086: 
          - Commented GRANT_INFO.
          - Added a predicate is_anonymous_derived_table() to    
            TABLE_LIST.
          - Added get_table_name() and get_db_name() to   
            TABLE_LIST in order to hide the disparate   
            representation of these properties.
      3bad2119