Commit 63819d94 authored by Alexander Nozdrin's avatar Alexander Nozdrin

Manual merge from mysql-5.1-bugteam.

Conflicts:
  - configure.in
  - mysql-test/include/setup_fake_relay_log.inc
  - sql/sql_select.cc
parents 80f58920 23dd8c2c
dnl -*- ksh -*-
dnl Process this file with autoconf to produce a configure script.
AC_PREREQ(2.52)dnl Minimum Autoconf version required.
# Minimum Autoconf version required.
AC_PREREQ(2.59)
AC_INIT(sql/mysqld.cc)
AC_CANONICAL_SYSTEM
# The Docs Makefile.am parses this line!
# remember to also update version.c in ndb
#
# Remember to also update version.c in ndb.
# When changing major version number please also check switch statement
# in client/mysqlbinlog.cc:check_master_version().
AM_INIT_AUTOMAKE(mysql, 5.5.2-m2)
AM_CONFIG_HEADER([include/config.h:config.h.in])
AC_INIT([MySQL Server], [5.5.2-m2], [], [mysql])
AC_CONFIG_SRCDIR([sql/mysqld.cc])
AC_CANONICAL_SYSTEM
# USTAR format gives us the possibility to store longer path names in
# TAR files, the path name is split into two parts, a 155 chacater
# first part and a 100 character second part.
AM_INIT_AUTOMAKE([1.9 tar-ustar])
LT_INIT
LT_PREREQ([1.5.6])
AM_CONFIG_HEADER([include/config.h])
# Request support for automake silent-rules if available.
# Default to verbose output. One can use the configure-time
......
......@@ -77,12 +77,28 @@ copy_file $fake_relay_log $_fake_relay_log;
if (`select convert(@@version_compile_os using latin1) IN ("Win32","Win64","Windows") = 0`)
{
eval select './$_fake_filename-fake.000001\n' into dumpfile '$_fake_relay_index';
-- let $_index_entry= ./$_fake_filename-fake.000001
}
if (`select convert(@@version_compile_os using latin1) IN ("Win32","Win64","Windows") != 0`)
{
eval select '.\\\\$_fake_filename-fake.000001\n' into dumpfile '$_fake_relay_index';
-- let $_index_entry= .\\\\$_fake_filename-fake.000001
}
if (`SELECT LENGTH(@@secure_file_priv) > 0`)
{
-- let $_file_priv_dir= `SELECT @@secure_file_priv`;
-- let $_suffix= `SELECT UUID()`
-- let $_tmp_file= $_file_priv_dir/fake-index.$_suffix
-- eval select '$_index_entry\n' into dumpfile '$_tmp_file'
-- copy_file $_tmp_file $_fake_relay_index
-- remove_file $_tmp_file
}
if (`SELECT LENGTH(@@secure_file_priv) = 0`)
{
-- eval select '$_index_entry\n' into dumpfile '$_fake_relay_index'
}
# Setup replication from existing relay log.
......
......@@ -611,4 +611,12 @@ WHERE t3.a=t1.a AND MATCH(b2) AGAINST('scargill' IN BOOLEAN MODE)
count(*)
0
DROP TABLE t1,t2,t3;
#
# Bug #49445: Assertion failed: 0, file .\item_row.cc, line 55 with
# fulltext search and row op
#
CREATE TABLE t1(a CHAR(1),FULLTEXT(a));
SELECT 1 FROM t1 WHERE MATCH(a) AGAINST ('') AND ROW(a,a) > ROW(1,1);
1
DROP TABLE t1;
End of 5.1 tests
......@@ -1643,6 +1643,28 @@ SELECT 'OK' AS TEST_RESULT FROM INFORMATION_SCHEMA.PROCESSLIST WHERE time < 0;
TEST_RESULT
OK
SET TIMESTAMP=DEFAULT;
#
# Bug #50276: Security flaw in INFORMATION_SCHEMA.TABLES
#
CREATE DATABASE db1;
USE db1;
CREATE TABLE t1 (id INT);
CREATE USER nonpriv;
USE test;
# connected as nonpriv
# Should return 0
SELECT COUNT(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME='t1';
COUNT(*)
0
USE INFORMATION_SCHEMA;
# Should return 0
SELECT COUNT(*) FROM TABLES WHERE TABLE_NAME='t1';
COUNT(*)
0
# connected as root
DROP USER nonpriv;
DROP TABLE db1.t1;
DROP DATABASE db1;
End of 5.1 tests.
create table information_schema.t1 (f1 INT);
ERROR 42000: Access denied for user 'root'@'localhost' to database 'information_schema'
......
......@@ -554,4 +554,14 @@ SELECT count(*) FROM t1 WHERE
DROP TABLE t1,t2,t3;
--echo #
--echo # Bug #49445: Assertion failed: 0, file .\item_row.cc, line 55 with
--echo # fulltext search and row op
--echo #
CREATE TABLE t1(a CHAR(1),FULLTEXT(a));
SELECT 1 FROM t1 WHERE MATCH(a) AGAINST ('') AND ROW(a,a) > ROW(1,1);
DROP TABLE t1;
--echo End of 5.1 tests
......@@ -1389,6 +1389,33 @@ SET TIMESTAMP=@@TIMESTAMP + 10000000;
SELECT 'OK' AS TEST_RESULT FROM INFORMATION_SCHEMA.PROCESSLIST WHERE time < 0;
SET TIMESTAMP=DEFAULT;
--echo #
--echo # Bug #50276: Security flaw in INFORMATION_SCHEMA.TABLES
--echo #
CREATE DATABASE db1;
USE db1;
CREATE TABLE t1 (id INT);
CREATE USER nonpriv;
USE test;
connect (nonpriv_con, localhost, nonpriv,,);
connection nonpriv_con;
--echo # connected as nonpriv
--echo # Should return 0
SELECT COUNT(*) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME='t1';
USE INFORMATION_SCHEMA;
--echo # Should return 0
SELECT COUNT(*) FROM TABLES WHERE TABLE_NAME='t1';
connection default;
--echo # connected as root
disconnect nonpriv_con;
DROP USER nonpriv;
DROP TABLE db1.t1;
DROP DATABASE db1;
--echo End of 5.1 tests.
#
......
......@@ -3677,20 +3677,20 @@ add_ft_keys(DYNAMIC_ARRAY *keyuse_array,
cond_func=(Item_func_match *)cond;
else if (func->arg_count == 2)
{
Item_func *arg0=(Item_func *)(func->arguments()[0]),
*arg1=(Item_func *)(func->arguments()[1]);
if (arg1->const_item() &&
Item *arg0=(Item *)(func->arguments()[0]),
*arg1=(Item *)(func->arguments()[1]);
if (arg1->const_item() && arg1->cols() == 1 &&
arg0->type() == Item::FUNC_ITEM &&
arg0->functype() == Item_func::FT_FUNC &&
((Item_func *) arg0)->functype() == Item_func::FT_FUNC &&
((functype == Item_func::GE_FUNC && arg1->val_real() > 0) ||
(functype == Item_func::GT_FUNC && arg1->val_real() >=0)))
cond_func=(Item_func_match *) arg0;
cond_func= (Item_func_match *) arg0;
else if (arg0->const_item() &&
arg1->type() == Item::FUNC_ITEM &&
arg1->functype() == Item_func::FT_FUNC &&
((Item_func *) arg1)->functype() == Item_func::FT_FUNC &&
((functype == Item_func::LE_FUNC && arg0->val_real() > 0) ||
(functype == Item_func::LT_FUNC && arg0->val_real() >=0)))
cond_func=(Item_func_match *) arg1;
cond_func= (Item_func_match *) arg1;
}
}
else if (cond->type() == Item::COND_ITEM)
......
......@@ -3309,11 +3309,11 @@ int get_all_tables(THD *thd, TABLE_LIST *tables, COND *cond)
while ((db_name= it++))
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if (!check_access(thd,SELECT_ACL, db_name->str,
if (!(check_access(thd,SELECT_ACL, db_name->str,
&thd->col_access, 0, 1, with_i_schema) ||
(!thd->col_access && check_grant_db(thd, db_name->str))) ||
sctx->master_access & (DB_ACLS | SHOW_DB_ACL) ||
acl_get(sctx->host, sctx->ip, sctx->priv_user, db_name->str, 0) ||
!check_grant_db(thd, db_name->str))
acl_get(sctx->host, sctx->ip, sctx->priv_user, db_name->str, 0))
#endif
{
thd->no_warnings_for_error= 1;
......
......@@ -140,11 +140,11 @@ function GetValue(str, key)
function GetVersion(str)
{
var key = "AM_INIT_AUTOMAKE(mysql, ";
var pos = str.indexOf(key); //5.0.6-beta)
var key = "AC_INIT([MySQL Server], [";
var pos = str.indexOf(key);
if (pos == -1) return null;
pos += key.length;
var end = str.indexOf(")", pos);
var end = str.indexOf("]", pos);
if (end == -1) return null;
return str.substring(pos, end);
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment