1. 26 Aug, 2008 1 commit
  2. 25 Aug, 2008 4 commits
    • Davi Arnaut's avatar
      Merge Bug#36579 into mysql-5.1-bugteam · d30db4c9
      Davi Arnaut authored
      d30db4c9
    • Davi Arnaut's avatar
      Bug#36579 Dumping information about locks in use may lead to a server crash · 1ee4a3ac
      Davi Arnaut authored
      Dumping information about locks in use by sending a SIGHUP signal
      to the server or by invoking the "mysqladmin debug" command may
      lead to a server crash in debug builds or to undefined behavior in
      production builds.
      
      The problem was that a mutex that protects a lock object (THR_LOCK)
      might have been destroyed before the lock object was actually removed
      from the list of locks in use, causing a race condition with other
      threads iterating over the list. The solution is to destroy the mutex
      only after removing lock object from the list.
      
      mysys/thr_lock.c:
        Destroy the mutex that protects the lock object only after removing
        the lock object from the list of locks in use.
      1ee4a3ac
    • Sergey Glukhov's avatar
      null merge · cb8f52d2
      Sergey Glukhov authored
      cb8f52d2
    • Sergey Glukhov's avatar
      Bug#37428 Potential security issue with UDFs - linux shellcode execution. · c546559a
      Sergey Glukhov authored
      plugin_dir option backported from 5.1
      
      mysql-test/r/udf.result:
        result fix
      sql/mysql_priv.h:
        opt_plugin_dir and opt_plugin_dir_ptr declared.
      sql/mysqld.cc:
        'plugin_dir' option added
      sql/set_var.cc:
        'plugin_dir' option added.
      sql/sql_udf.cc:
        opt_plugin_dir added to the udf->dl path. Warn if it's not specified.
      sql/unireg.h:
        PLUGINDIR defined.
      c546559a
  3. 23 Aug, 2008 1 commit
  4. 22 Aug, 2008 1 commit
    • Alexey Botchkov's avatar
      Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY. · ec524d50
      Alexey Botchkov authored
                  
                  test_if_data_home_dir fixed to look into real path.
                  Checks added to mi_open for symlinks into data home directory.
      
      per-file messages:
              include/my_sys.h
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                my_is_symlink interface added
              include/myisam.h
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                myisam_test_invalid_symlink interface added
              myisam/mi_check.c
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                mi_open_datafile calls modified
              myisam/mi_open.c
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                code added to mi_open to check for symlinks into data home directory.
                mi_open_datafile now accepts 'original' file path to check if it's
                an allowed symlink.
              myisam/mi_static.c
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                myisam_test_invlaid_symlink defined
              myisam/myisamchk.c
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                mi_open_datafile call modified
              myisam/myisamdef.h
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                mi_open_datafile interface modified - 'real_path' parameter added
              mysql-test/r/symlink.test
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                error codes corrected as some patch now rejected pointing inside datahome
              mysql-test/r/symlink.result
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                error messages corrected in the result
              mysys/my_symlink.c
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                my_is_symlink() implementsd
                my_realpath() now returns the 'realpath' even if a file isn't a symlink
              sql/mysql_priv.h
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                test_if_data_home_dir interface
              sql/mysqld.cc
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                myisam_test_invalid_symlik set with the 'test_if_data_home_dir'
              sql/sql_parse.cc
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                error messages corrected
                test_if_data_home_dir code fixed
      ec524d50
  5. 21 Aug, 2008 4 commits
    • Sergey Glukhov's avatar
      added replacement of 'CARDINALITY' column values · 099a80d0
      Sergey Glukhov authored
      mysql-test/r/join.result:
        result fix
      099a80d0
    • Tatiana A. Nurnberg's avatar
      auto-merge · d726a499
      Tatiana A. Nurnberg authored
      d726a499
    • Tatiana A. Nurnberg's avatar
      Bug#35616: memory overrun on 64-bit linux on setting large values for keybuffer-size · 861f7e1c
      Tatiana A. Nurnberg authored
      add'l portability fixes
      
      mysys/safemalloc.c:
        Make the various print-functions happy:
        sf_malloc_(cur|max)_memory are size_t now, might as well use %u instead
        of %d. Ideally, we'd use %zu, but we can't rely on having that, so we'll
        use %lu instead. Likewise, we could cast to unsigned for our poor man's
        %p -- pointers are never negative, and neither is %x --, but since it
        was fixed to %p with seemingly no ill effects in 6.0 anyway, we'll back
        port that instead.
      861f7e1c
    • Tatiana A. Nurnberg's avatar
      Bug#35616: memory overrun on 64-bit linux on setting large values for keybuffer-size · 91a2c59a
      Tatiana A. Nurnberg authored
      portability fixes / cleanup
      
      include/my_sys.h:
        declaration should certainly match definition!
      mysys/safemalloc.c:
        Make the various print-functions happy:
        sf_malloc_(cur|max)_memory are size_t now, might as well use %u instead
        of %d. Ideally, we'd use %zu, but we can't rely on having that, so we'll
        use %lu instead. Likewise, we could cast to unsigned for our poor man's
        %p -- pointers are never negative, and neither is %x --, but since it
        was fixed to %p with seemingly no ill effects in 6.0 anyway, we'll back
        port that instead.
      91a2c59a
  6. 20 Aug, 2008 16 commits
    • Timothy Smith's avatar
    • Timothy Smith's avatar
      Cherry-pick some changes from innodb-5.1-ss2545 snapshot. Includes fixes for · 9eb2ebd4
      Timothy Smith authored
      Bug#37531, Bug#36941, Bug#36941, Bug#36942, Bug#38185.
      
      Also include test case from Bug 34300 which was left out from earlier snapshot
      (5.1-ss2387).
      
      Also include fix for Bug #29507, "TRUNCATE shows to many rows effected", since
      the fix for Bug 37531 depends on it.
      9eb2ebd4
    • Mattias Jonsson's avatar
      merge · 180c6e27
      Mattias Jonsson authored
      180c6e27
    • Mattias Jonsson's avatar
      Backport of patch for Bug#34604 (from 6.0) · 5d5d1a81
      Mattias Jonsson authored
      post push fix for bug#20129, test failed due to non existing
      source files.
      
      mysql-test/Makefile.am:
        Bug#20129: ALTER TABLE ... REPAIR PARTITION ... complains that
        partition is corrupt
        
        Test parts.partition_repair_myisam failed because the corrupted
        pre fabricated files was not included in the dist-file.
      mysql-test/suite/parts/r/partition_special_innodb.result:
        Bug#34604: hander::ha_rnd_end(): Assertion inited==RND failed
        
        updated result file
      mysql-test/suite/parts/t/partition_special_innodb-master.opt:
        Bug#34604: hander::ha_rnd_end(): Assertion inited==RND failed
        
        Added parameter to speed up the test.
        Set to 2 seconds to be working on slow machines.
      mysql-test/suite/parts/t/partition_special_innodb.test:
        Bug#34604: hander::ha_rnd_end(): Assertion inited==RND failed
        
        Added test for verifying the bug (without the patch in
        ha_partition.cc, this crashes a debug compiled server)
      sql/ha_partition.cc:
        Bug#34604: hander::ha_rnd_end(): Assertion inited==RND failed
        
        In some cases error was not properly propagated through
        ha_partition::rnd_next.
        
        Will now return the error code from the partitions rnd_next and
        update m_part_spec.start_part and m_last_part properly.
        This makes the inited state to be correct.
      5d5d1a81
    • Jonathan Perkin's avatar
      merge · 1de7738c
      Jonathan Perkin authored
      1de7738c
    • Jonathan Perkin's avatar
      Fix path to myisamchk for mysql-5.1 · 585566c7
      Jonathan Perkin authored
      585566c7
    • Sergey Glukhov's avatar
      5.0-bugteam->5.1-bugteam merge · fad69f17
      Sergey Glukhov authored
      fad69f17
    • Jonathan Perkin's avatar
      bug#33300: use myisamchk to verify that mysql_install_db has · dff9ccce
      Jonathan Perkin authored
      created at least some files and that they are correct.
      dff9ccce
    • Sergey Glukhov's avatar
      Bug#38291 memory corruption and server crash with view/sp/function · de73b729
      Sergey Glukhov authored
      Send_field.org_col_name has broken value on secondary execution.
      It happens when result field is created from the field which belongs to view
      due to forgotten assignment of some Send_field attributes. 
      The fix:
      set Send_field.org_col_name,org_table_name with correct value during Send_field intialization.
      
      mysql-test/r/metadata.result:
        result fix
        The result file was changed because now forgotten attributes are properly set.
      mysql-test/r/sp.result:
        test result
      mysql-test/t/sp.test:
        test case
      sql/item.cc:
        Send_field.org_col_name has broken value on secondary execution.
        It happens when result field is created from the field which belongs to view
        due to forgotten assignment of some Send_field attributes. 
        The fix:
        set Send_field.org_col_name,org_table_name with correct value during Send_field intialization.
      tests/mysql_client_test.c:
        test case fix
        The test was changed because now forgotten attributes are properly set.
      de73b729
    • Sergey Glukhov's avatar
      b9bfa25f
    • Sergey Petrunia's avatar
    • Timothy Smith's avatar
      Cherry-pick one change from innodb-5.1-ss2485 snapshot. Fixes Bug#35602. · c8fad67d
      Timothy Smith authored
      Bug #35602 "Failed to read auto-increment value from storage engine" with
      Innodb
      
      The test for REPLACE was an error of ommission since it's classified as
      a simple INSERT. For REPLACE statements we don't acquire the special
      AUTOINC lock for AUTOINC_NEW_STYLE_LOCKING with this fix.
      c8fad67d
    • Sergey Petrunia's avatar
      Merge · d1e57a0f
      Sergey Petrunia authored
      d1e57a0f
    • Timothy Smith's avatar
      Cherry-pick some changes from innodb-5.1-ss2479 snapshot. Includes fixes for · 239ab2c4
      Timothy Smith authored
      Bug#36600 and Bug#36793:
      
      Bug #36600 SHOW STATUS takes a lot of CPU in buf_get_latched_pages_number
      
      Fix by removing the Innodb_buffer_pool_pages_latched variable from SHOW
      STATUS output in non-UNIV_DEBUG compilation.
      
      Bug #36793 rpl_innodb_bug28430 fails on Solaris
      
      This is a back port from branches/zip. This code has been tested on a
      big-endian machine too.
      239ab2c4
    • Sergey Petrunia's avatar
      95c3e4e1
    • Timothy Smith's avatar
      Cherry-pick one part of innodb-5.1-ss2438 snapshot. · e68520c7
      Timothy Smith authored
      Bug #36278 Data_free in SHOW TABLE STATUS for InnoDB is in kilobytes
      
      Change the fix for Bug 32440 to show bytes instead of kilobytes in
      INFORMATION_SCHEMA.TABLES.DATA_FREE.
      e68520c7
  7. 19 Aug, 2008 12 commits
    • Sven Sandberg's avatar
      Bug#35807 - INSTALL PLUGIN replicates row-based, but not stmt-based · bbb45c15
      Sven Sandberg authored
      INSTALL PLUGIN and UNINSTALL PLUGIN worked with statement-based and
      mixed-mode replication only, but not with row-based replication.
      
      There is no statement-based replication of these statements.
      But there was row-based replication of the inserts and deletes
      to and from the mysql.plugin table.
      
      The fix is to suppress binlogging during insert and delete to
      and from the mysql.plugin table.
      
      
      mysql-test/suite/rpl/r/rpl_plugin_load.result:
        new result file
      mysql-test/suite/rpl/t/rpl_plugin_load-master.opt:
        new opt file
      mysql-test/suite/rpl/t/rpl_plugin_load-slave.opt:
        new opt file
      mysql-test/suite/rpl/t/rpl_plugin_load.test:
        new test
      sql/sql_plugin.cc:
        Suppress binlogging during insert and delete to/from the
        mysql.plugin table.
      bbb45c15
    • Tatiana A. Nurnberg's avatar
      auto-merged · fd548d58
      Tatiana A. Nurnberg authored
      fd548d58
    • Tatiana A. Nurnberg's avatar
      Bug#35616: memory overrun on 64-bit linux on setting large values for keybuffer-size · 98eccd94
      Tatiana A. Nurnberg authored
      We could allocate chunks larger than 4GB, but did our
      size-accounting in 32-bit values. This could lead to
      spurious warnings, inaccurate accounting, and, in
      theory, data loss.
        
      Affected: 64-bit platforms. Debug-build (with safemalloc).
      At least one buffer larger than 4GB. For potential data
      loss, a re-alloc on such a buffer would be necessary.
      
      
      mysys/my_static.c:
        Make memory-accounting 64-bit safe.
      mysys/my_static.h:
        Make memory-accounting 64-bit safe.
        Move in struct for better alignment when 64-bit.
      98eccd94
    • Mattias Jonsson's avatar
      25441304
    • Sergey Petrunia's avatar
      Merge · 84d8df71
      Sergey Petrunia authored
      84d8df71
    • Georgi Kodinov's avatar
      Bug#36638: fixing a failing test case. · cc8b0c75
      Georgi Kodinov authored
      cc8b0c75
    • Sergey Petrunia's avatar
      BUG#36135: void Diagnostics_area::set_eof_status(THD*): Assertion `! is_set()' failed. · 0a6c95ce
      Sergey Petrunia authored
        - Before sending EOF, check if we've already sent an error.
      
      mysql-test/r/subselect3.result:
        BUG#36135: void Diagnostics_area::set_eof_status(THD*): Assertion `! is_set()' failed.
        - Testcase
      mysql-test/t/subselect3.test:
        BUG#36135: void Diagnostics_area::set_eof_status(THD*): Assertion `! is_set()' failed.
        - Testcase
      sql/sql_class.cc:
        BUG#36135: void Diagnostics_area::set_eof_status(THD*): Assertion `! is_set()' failed.
        - Before sending EOF, check if we've already sent an error.
      0a6c95ce
    • Georgi Kodinov's avatar
      merged 5.0-bugteam to 5.1-bugteam · dd9db323
      Georgi Kodinov authored
      dd9db323
    • Georgi Kodinov's avatar
      merged 5.0-main to 5.0-bugteam · 40bd9a42
      Georgi Kodinov authored
      40bd9a42
    • Georgi Kodinov's avatar
      Bug#38195: Incorrect handling of aggregate functions when loose index scan · 6387cac9
      Georgi Kodinov authored
      is used causes server crash.
        Revert the fix : unstable test case revealed by pushbuild
      6387cac9
    • Mattias Jonsson's avatar
      merge · 55bf4add
      Mattias Jonsson authored
      55bf4add
    • Mattias Jonsson's avatar
      Post push fix for valgrind warning in ha_partition.cc · ad15cd68
      Mattias Jonsson authored
      Bug#35161
      Fixed memory leak when failing to open a partition.
      
      Bug#20129
      Added tests for verifying REPAIR PARTITION.
      
      mysql-test/std_data/parts/t1_will_crash#P#p1_first_1024.MYD:
        Bug#20129: ALTER TABLE ... REPAIR PARTITION ... not working
        
        (see mysql-test/suite/parts/t/partition_repair_myisam.test
        Created by:
        CREATE TABLE t1_will_crash (
          a VARCHAR(255),
          b INT,
          c LONGTEXT,
          PRIMARY KEY (a, b))ENGINE=MyISAM
        PARTITION BY HASH (b)
        PARTITIONS 7;
        INSERT INTO t1_will_crash VALUES ...
        and then
        head -c 1024 var/master-data/test/t1_will_crash#P#p1.MYD
        into this file.
      mysql-test/std_data/parts/t1_will_crash#P#p2.MYD:
        Bug#20129: ALTER TABLE ... REPAIR PARTITION ... not working
        
        (see mysql-test/suite/parts/t/partition_repair_myisam.test)
        copy of file right after _mi_mark_file_changed in mi_write
        was done.
      mysql-test/std_data/parts/t1_will_crash#P#p2.MYI:
        Bug#20129: ALTER TABLE ... REPAIR PARTITION ... not working
        
        (see mysql-test/suite/parts/t/partition_repair_myisam.test)
        copy of file right after _mi_mark_file_changed in mi_write
        was done.
      mysql-test/std_data/parts/t1_will_crash#P#p3.MYI:
        Bug#20129: ALTER TABLE ... REPAIR PARTITION ... not working
        
        (see mysql-test/suite/parts/t/partition_repair_myisam.test)
        copy of file right after *share->write_record was done.
      mysql-test/std_data/parts/t1_will_crash#P#p4.MYI:
        Bug#20129: ALTER TABLE ... REPAIR PARTITION ... not working
        
        (see mysql-test/suite/parts/t/partition_repair_myisam.test)
        copy of file right after flush_cached_blocks
      mysql-test/std_data/parts/t1_will_crash#P#p6.MYD:
        Bug#20129: ALTER TABLE ... REPAIR PARTITION ... not working
        
        (see mysql-test/suite/parts/t/partition_repair_myisam.test)
        copy of file right after _mi_write_part_record in
        write_dynamic_record returned for the first time.
      mysql-test/std_data/parts/t1_will_crash#P#p6_2.MYD:
        Bug#20129: ALTER TABLE ... REPAIR PARTITION ... not working
        
        (see mysql-test/suite/parts/t/partition_repair_myisam.test)
        copy of file right after _mi_write_part_record in
        write_dynamic_record returned for the second time.
      mysql-test/std_data/parts/t1_will_crash#P#p6_3.MYD:
        Bug#20129: ALTER TABLE ... REPAIR PARTITION ... not working
        
        (see mysql-test/suite/parts/t/partition_repair_myisam.test)
        copy of file right after _mi_write_part_record in
        write_dynamic_record returned for the third time.
        (data file fully updated).
      mysql-test/suite/parts/r/partition_recover_myisam.result:
        Bug#35161
        
        Renamed since it was a test of recover
        and to make repair free for use without
        --myisam-recover
      mysql-test/suite/parts/r/partition_repair_myisam.result:
        Bug#20129: ALTER TABLE ... REPAIR PARTITION ... not working
        
        New result file for testing CHECK/REPAIR of partitioned tables
      mysql-test/suite/parts/t/partition_recover_myisam-master.opt:
        Bug#35161
        
        Renamed since it was a test of recover
        and to make repair free for use without
        --myisam-recover
      mysql-test/suite/parts/t/partition_recover_myisam.test:
        Bug#35161
        
        Renamed since it was a test of recover
        and to make repair free for use without
        --myisam-recover
      mysql-test/suite/parts/t/partition_repair_myisam.test:
        Bug#20129: ALTER TABLE ... REPAIR PARTITION ... not working
        
        New test file for testing CHECK/REPAIR of partitioned tables
      sql/ha_partition.cc:
        Bug#35161
        
        Fix of memory leak when open of partition failed.
      ad15cd68
  8. 18 Aug, 2008 1 commit